From 6bd8fdd467130f59ab09536f3da004d34d873d2c Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 07:26:29 +0000
Subject: [PATCH 01/12] Update dependency @aws-sdk/client-s3 to v3.1023.0
 (#27164)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@aws-sdk/client-s3](https://redirect.github.com/aws/aws-sdk-js-v3/tree/main/clients/client-s3)
([source](https://redirect.github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3))
| [`3.864.0` →
`3.1023.0`](https://renovatebot.com/diffs/npm/@aws-sdk%2fclient-s3/3.864.0/3.1023.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@aws-sdk%2fclient-s3/3.1023.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@aws-sdk%2fclient-s3/3.864.0/3.1023.0?slim=true)
|

---

### Release Notes

<details>
<summary>aws/aws-sdk-js-v3 (@&#8203;aws-sdk/client-s3)</summary>

###
[`v3.1023.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310230-2026-04-02)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1022.0...v3.1023.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1022.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310220-2026-04-01)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1021.0...v3.1022.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1021.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310210-2026-03-31)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1020.0...v3.1021.0)

##### Bug Fixes

- **codegen:** sync for adaptive retry throttling detection fix
([#&#8203;7905](https://redirect.github.com/aws/aws-sdk-js-v3/issues/7905))
([03f108d](https://redirect.github.com/aws/aws-sdk-js-v3/commit/03f108d08c37fcde9de0a62c29887458e980d84e))

##### Features

- **client-s3:** Add Bucket Metrics configuration support to directory
buckets
([67ff7cc](https://redirect.github.com/aws/aws-sdk-js-v3/commit/67ff7cc5dd608937694b7d1e10aceef09e611011))

###
[`v3.1020.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310200-2026-03-30)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1019.0...v3.1020.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1019.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310190-2026-03-27)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1018.0...v3.1019.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1018.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310180-2026-03-26)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1017.0...v3.1018.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1017.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310170-2026-03-25)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1016.0...v3.1017.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1016.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310160-2026-03-24)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1015.0...v3.1016.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1015.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310150-2026-03-23)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1014.0...v3.1015.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1014.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310140-2026-03-20)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1013.0...v3.1014.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1013.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310130-2026-03-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1012.0...v3.1013.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1012.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310120-2026-03-18)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1011.0...v3.1012.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1011.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310110-2026-03-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1010.0...v3.1011.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1010.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310100-2026-03-16)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1009.0...v3.1010.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1009.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310090-2026-03-13)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1008.0...v3.1009.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1008.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310080-2026-03-12)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1007.0...v3.1008.0)

##### Features

- **client-s3:** Adds support for account regional namespaces for
general purpose buckets. The account regional namespace is a reserved
subdivision of the global bucket namespace where only your account can
create general purpose buckets.
([1791028](https://redirect.github.com/aws/aws-sdk-js-v3/commit/179102877b8b119d9662e3bcb791ebafca57de2d))

###
[`v3.1007.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310070-2026-03-11)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1006.0...v3.1007.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1006.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310060-2026-03-10)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1005.0...v3.1006.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1005.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310050-2026-03-09)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1004.0...v3.1005.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1004.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310040-2026-03-06)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1003.0...v3.1004.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1003.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310030-2026-03-05)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1002.0...v3.1003.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1002.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310020-2026-03-04)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1001.0...v3.1002.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1001.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310010-2026-03-03)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.1000.0...v3.1001.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.1000.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#310000-2026-02-27)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.999.0...v3.1000.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.999.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39990-2026-02-26)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.998.0...v3.999.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.998.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39980-2026-02-25)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.997.0...v3.998.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.997.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39970-2026-02-24)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.996.0...v3.997.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.996.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39960-2026-02-23)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.995.0...v3.996.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.995.0`](https://redirect.github.com/aws/aws-sdk-js-v3/releases/tag/v3.995.0)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.994.0...v3.995.0)

##### 3.995.0(2026-02-20)

##### Chores

- **codegen:** bump codegen version to 0.45.0
([#&#8203;7752](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7752))
([3c93f8ab](https://redirect.github.com/aws/aws-sdk-js-v3/commit/3c93f8ab7a5baa0ad56bc06767b38132490221de))
- **util-user-agent-node:** populate metadata of alternative JavaScript
runtimes
([#&#8203;7754](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7754))
([79d2c235](https://redirect.github.com/aws/aws-sdk-js-v3/commit/79d2c235fc32a54fd088949cdb63afcd7fd8ed60))
- make PR template checklist easier to edit
([#&#8203;7753](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7753))
([be25ea35](https://redirect.github.com/aws/aws-sdk-js-v3/commit/be25ea35e3e48a216d20cd66beb3537d36d8a258))

##### New Features

- **clients:** update client endpoints as of 2026-02-20
([aa23f1e0](https://redirect.github.com/aws/aws-sdk-js-v3/commit/aa23f1e0e151ac3e2ce430b8b847ee196d78f457))
- **client-appstream:** Adding new attribute to disable IMDS v1 APIs for
fleet, Image Builder and AppBlockBuilder instances.
([72021889](https://redirect.github.com/aws/aws-sdk-js-v3/commit/720218892a2c5eae9c5157e383a253d02a5b3959))
- **client-sagemaker-runtime:** Added support for S3OutputPathExtension
and Filename parameters to the InvokeEndpointAsync API to allow users to
customize the S3 output path and file name for async inference response
payloads.
([edac3d73](https://redirect.github.com/aws/aws-sdk-js-v3/commit/edac3d730ce23289651582209425f567912be4fd))
- **client-trustedadvisor:** Adding a new enum attribute(statusReason)
to TrustedAdvisorAPI response. This attribute explains reasoning behind
check status for certain specific scenarios.
([2d4a1eb4](https://redirect.github.com/aws/aws-sdk-js-v3/commit/2d4a1eb4804aafa8b4581783e0db0dcb3eb61e8d))
- **client-ecs:** Migrated to Smithy. No functional changes
([20258a5f](https://redirect.github.com/aws/aws-sdk-js-v3/commit/20258a5ffedcaffdf80b85eeb66d5e00057de37d))
- **client-ssm:** Add support for AssociationDispatchAssumeRole in AWS
SSM State Manager.
([83535fc8](https://redirect.github.com/aws/aws-sdk-js-v3/commit/83535fc82c40d5871dea60dc4374527d6a2ff5be))
- **client-signer-data:** This release introduces AWS Signer Data Plane
SDK client supporting GetRevocationStatus API. The new client enables
AWS PrivateLink connectivity with both private DNS and VPC endpoint
URLs.
([b03b059d](https://redirect.github.com/aws/aws-sdk-js-v3/commit/b03b059db8d788eed82aa57f354adc89d06767c7))

***

For list of updated packages, view **updated-packages.md** in
**assets-3.995.0.zip**

###
[`v3.994.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39940-2026-02-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.993.0...v3.994.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.993.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39930-2026-02-18)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.992.0...v3.993.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.992.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39920-2026-02-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.991.0...v3.992.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.991.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39910-2026-02-16)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.990.0...v3.991.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.990.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39900-2026-02-13)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.989.0...v3.990.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.989.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39890-2026-02-12)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.988.0...v3.989.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.988.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39880-2026-02-11)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.987.0...v3.988.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.987.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39870-2026-02-10)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.986.0...v3.987.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.986.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39860-2026-02-09)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.985.0...v3.986.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.985.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39850-2026-02-06)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.984.0...v3.985.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.984.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39840-2026-02-05)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.983.0...v3.984.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.983.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39830-2026-02-04)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.982.0...v3.983.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.982.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39820-2026-02-03)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.981.0...v3.982.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.981.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39810-2026-02-02)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.980.0...v3.981.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.980.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39800-2026-01-30)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.978.0...v3.980.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.978.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39780-2026-01-28)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.975.0...v3.978.0)

##### Features

- **client-s3:** Adds support for the UpdateObjectEncryption API to
change the server-side encryption type of objects in general purpose
buckets.
([b56cea5](https://redirect.github.com/aws/aws-sdk-js-v3/commit/b56cea5532c5b36fcc5e88c8f5c5c8b67a0e4a12))

###
[`v3.975.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39750-2026-01-23)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.974.0...v3.975.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.974.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39740-2026-01-22)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.972.0...v3.974.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.972.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39720-2026-01-20)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.971.0...v3.972.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.971.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39710-2026-01-16)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.970.0...v3.971.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.970.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39700-2026-01-15)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.969.0...v3.970.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.969.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39690-2026-01-14)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.968.0...v3.969.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.968.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39680-2026-01-13)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.967.0...v3.968.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.967.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39670-2026-01-12)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.966.0...v3.967.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.966.0`](https://redirect.github.com/aws/aws-sdk-js-v3/releases/tag/v3.966.0)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.965.0...v3.966.0)

##### 3.966.0(2026-01-09)

##### Chores

- **codegen:**
- release smithy-typescript-aws-codegen v0.41.1
([#&#8203;7633](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7633))
([f5048a66](https://redirect.github.com/aws/aws-sdk-js-v3/commit/f5048a6665591d98e2c21c9ef9cd179a904006dd))
- set rimraf to 5.0.10
([#&#8203;7630](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7630))
([367465e7](https://redirect.github.com/aws/aws-sdk-js-v3/commit/367465e7e697565e12e5bef91eeb060f0b622f86))
- **util-arn-parser:** mark arn parser internal
([#&#8203;7629](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7629))
([7baf559c](https://redirect.github.com/aws/aws-sdk-js-v3/commit/7baf559cecaca0c6d500e4c8a375e8ac054968d2))
- **scripts:** script to get changed package list
([#&#8203;7628](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7628))
([a470a0e1](https://redirect.github.com/aws/aws-sdk-js-v3/commit/a470a0e1de7c087ae7aced875b4db31538fabcad))

##### New Features

- **clients:** update client endpoints as of 2026-01-09
([060fef34](https://redirect.github.com/aws/aws-sdk-js-v3/commit/060fef3420727847ae6b20758ac861aec5812597))
- **client-medialive:** MediaPackage v2 output groups in MediaLive can
now accept one additional destination for single pipeline channels and
up to two additional destinations for standard channels. MediaPackage v2
destinations now support sending to cross region MediaPackage channels.
([ce039310](https://redirect.github.com/aws/aws-sdk-js-v3/commit/ce039310db8a23f0a23c6632ad1046ef977ed04e))
- **client-bedrock-agentcore-control:** Adds optional field "view" to
GetMemory API input to give customers control over whether CMK encrypted
data such as strategy decryption or override prompts is returned or not.
([c68a59e8](https://redirect.github.com/aws/aws-sdk-js-v3/commit/c68a59e81cb8413535a9a4fa8160627897f20c92))
- **client-transcribe:** Adds waiters to Amazon Transcribe.
([93eb18c5](https://redirect.github.com/aws/aws-sdk-js-v3/commit/93eb18c5dabe2062d6a8c4422382e830874953bf))
- **client-glue:** Adding MaterializedViews task run APIs
([d430d646](https://redirect.github.com/aws/aws-sdk-js-v3/commit/d430d646041c31a9c79377cfd4257ee74b4f5bd8))
- **client-cloudfront:** Added EntityLimitExceeded exception handling to
the following API operations AssociateDistributionWebACL,
AssociateDistributionTenantWebACL, UpdateDistributionWithStagingConfig
([858e6e8b](https://redirect.github.com/aws/aws-sdk-js-v3/commit/858e6e8b74ecb701a7ee3ad01dc3fd3171f779db))

***

For list of updated packages, view **updated-packages.md** in
**assets-3.966.0.zip**

###
[`v3.965.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39650-2026-01-07)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.964.0`](https://redirect.github.com/aws/aws-sdk-js-v3/releases/tag/v3.964.0)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.962.0...v3.964.0)

##### 3.964.0(2026-01-06)

##### Chores

- **core:** ensure package build order
([#&#8203;7623](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7623))
([3fa6ead6](https://redirect.github.com/aws/aws-sdk-js-v3/commit/3fa6ead66c30328f402461afda44f8ea769d0b79))

##### New Features

- **client-cost-explorer:** This release updates existing reservation
recommendations API to support deployment model.
([c9e728da](https://redirect.github.com/aws/aws-sdk-js-v3/commit/c9e728da65fc98ee3da8d145c0c39a37f327f7dd))
- **client-emr-serverless:** Added support for enabling disk encryption
using customer managed AWS KMS keys to CreateApplication,
UpdateApplication and StartJobRun APIs.
([9d932c38](https://redirect.github.com/aws/aws-sdk-js-v3/commit/9d932c38fdfacf45989a4bb733e10d9dddb91824))

##### Bug Fixes

- **core:** make CREDENTIALS\_CODE mutually exclusive with other
credential sources
([#&#8203;7615](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7615))
([05e017ef](https://redirect.github.com/aws/aws-sdk-js-v3/commit/05e017ef8879b33a3fbe8a27df7a5b662831178d))

***

For list of updated packages, view **updated-packages.md** in
**assets-3.964.0.zip**

###
[`v3.962.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39620-2026-01-02)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.958.0...v3.962.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.958.0`](https://redirect.github.com/aws/aws-sdk-js-v3/releases/tag/v3.958.0)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.957.0...v3.958.0)

##### 3.958.0(2025-12-23)

##### Chores

- **client-elastic-transcoder:** remove elastic transcoder due to
service shutdown
([#&#8203;7602](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7602))
([4381b2dc](https://redirect.github.com/aws/aws-sdk-js-v3/commit/4381b2dcf13e5f7f49f1f4318b77e59a032f0ab4))
- **build:** generate clients without formatting prettier/eslint
([#&#8203;7599](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7599))
([da9c913a](https://redirect.github.com/aws/aws-sdk-js-v3/commit/da9c913a3235c270b3d0b978f5971e70bb1484a9))
- **codegen:** bump codegen version to 0.40.0
([#&#8203;7601](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7601))
([4dc2bcb7](https://redirect.github.com/aws/aws-sdk-js-v3/commit/4dc2bcb7a46a589ee647816ec4bf2136fd6ee634))

##### New Features

- **clients:** update client endpoints as of 2025-12-23
([f5aa61b9](https://redirect.github.com/aws/aws-sdk-js-v3/commit/f5aa61b92c6b1b0f597706be5c47fc96c66e0021))
- **client-s3:** Add additional validation to Outpost bucket names.
([2f30457f](https://redirect.github.com/aws/aws-sdk-js-v3/commit/2f30457fc7256d5fbdaaa2ab07bf77dbdffab0e2))
- **client-geo-places:** Adds support for InferredSecondaryAddress place
type, Designator in SecondaryAddressComponent and Heading in
ReverseGeocode.
([1c6374da](https://redirect.github.com/aws/aws-sdk-js-v3/commit/1c6374dac803c99b13e8b16025bd03aa3a57282a))
- **client-pinpoint-sms-voice-v2:** This release adds support for the
Registration Reviewer feature, which provides generative AI feedback on
a phone number or sender ID registration to ensure completeness before
sending to downstream (carrier) review.
([ac0c236b](https://redirect.github.com/aws/aws-sdk-js-v3/commit/ac0c236ba38cd993193c80298819149e4b8a82a5))

##### Tests

- **client-sqs:** increase timeout from 5s to 60s
([#&#8203;7603](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7603))
([c140520a](https://redirect.github.com/aws/aws-sdk-js-v3/commit/c140520a684920c4e8ad289c41e74c412f743e46))

***

For list of updated packages, view **updated-packages.md** in
**assets-3.958.0.zip**

###
[`v3.957.0`](https://redirect.github.com/aws/aws-sdk-js-v3/releases/tag/v3.957.0)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.956.0...v3.957.0)

##### 3.957.0(2025-12-22)

##### Chores

- move crc64NvmeCrtContainer to
'[@&#8203;aws-sdk/crc64-nvme](https://redirect.github.com/aws-sdk/crc64-nvme)'
([#&#8203;7600](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7600))
([69196b71](https://redirect.github.com/aws/aws-sdk-js-v3/commit/69196b713ac03a8e888f2d8f41ca208937d454ed))
- move e2e tests from cucumber to vitest
([#&#8203;7539](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7539))
([561b8900](https://redirect.github.com/aws/aws-sdk-js-v3/commit/561b8900a8034e734eac0a610eac11ca8f818209))
- **build:** replace lerna partial-tree build with turbo
([#&#8203;7597](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7597))
([04bdba3e](https://redirect.github.com/aws/aws-sdk-js-v3/commit/04bdba3e20af1357fa76f12c3095666f94b12017))

##### Documentation Changes

- **client-pcs:** Change API Reference Documentation for default Mode in
Accounting and SlurmRest
([966f60ac](https://redirect.github.com/aws/aws-sdk-js-v3/commit/966f60ac5a015f005d8758c8ddcc24f690f44cbd))

##### New Features

- **client-config-service:** Added supported resourceTypes for Config
from July to November 2025
([2c7dab27](https://redirect.github.com/aws/aws-sdk-js-v3/commit/2c7dab27221af3ac083ace712056d3d369652f60))
- **client-ec2:** Adds support for linkedGroupId on the
CreatePlacementGroup and DescribePlacementGroups APIs. The linkedGroupId
parameter is reserved for future use.
([a492f734](https://redirect.github.com/aws/aws-sdk-js-v3/commit/a492f73438968bb208451503d32d196d2ff65a26))
- **client-guardduty:** Make accountIds a required field in
GetRemainingFreeTrialDays API to reflect service behavior.
([53e59c65](https://redirect.github.com/aws/aws-sdk-js-v3/commit/53e59c65fa7408042eb0427ca9804b4498006c59))
- **middleware-flexible-checksums:** use CRC64NVME JS implementation if
CRT is not available
([#&#8203;7595](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7595))
([4c6ad409](https://redirect.github.com/aws/aws-sdk-js-v3/commit/4c6ad409225bc9b8db2d024f6de7136d64117bcb))

##### Bug Fixes

- **middleware-flexible-checksums:** advise user on
InvalidChunkSizeError
([#&#8203;7598](https://redirect.github.com/aws/aws-sdk-js-v3/pull/7598))
([6fa3b4cc](https://redirect.github.com/aws/aws-sdk-js-v3/commit/6fa3b4ccc643ebc6ade6146e5326a7d89bad1185))

***

For list of updated packages, view **updated-packages.md** in
**assets-3.957.0.zip**

###
[`v3.956.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39560-2025-12-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.955.0...v3.956.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.955.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39550-2025-12-18)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.954.0...v3.955.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.954.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39540-2025-12-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.953.0...v3.954.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.953.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39530-2025-12-16)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.952.0...v3.953.0)

##### Features

- **clients:** allow protocol selection by class constructor
([#&#8203;7568](https://redirect.github.com/aws/aws-sdk-js-v3/issues/7568))
([5c5fd2e](https://redirect.github.com/aws/aws-sdk-js-v3/commit/5c5fd2e627109cbcdb40ecf0947a5b638d517101))

###
[`v3.952.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39520-2025-12-15)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.948.0...v3.952.0)

##### Features

- **client-s3:** This release adds support for the new optional field
'LifecycleExpirationDate' in S3 Inventory configurations.
([55955e0](https://redirect.github.com/aws/aws-sdk-js-v3/commit/55955e018c9276e55a3479debe28593103dac5f4))

###
[`v3.948.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39480-2025-12-09)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.947.0...v3.948.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.947.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39470-2025-12-08)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.946.0...v3.947.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.946.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39460-2025-12-05)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.943.0...v3.946.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.943.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39430-2025-12-02)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.940.0...v3.943.0)

##### Features

- **client-s3:** New S3 Storage Class FSX\_ONTAP
([56ffa40](https://redirect.github.com/aws/aws-sdk-js-v3/commit/56ffa40ae180847a5e8d2e37d96356e6eaf38c72))

###
[`v3.940.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39400-2025-11-25)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.939.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39390-2025-11-24)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.937.0...v3.939.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.937.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39370-2025-11-20)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.936.0...v3.937.0)

##### Features

- **client-s3:** Enable / Disable ABAC on a general purpose bucket.
([9816b26](https://redirect.github.com/aws/aws-sdk-js-v3/commit/9816b260680314d8883fc56e59e015fdd906f8b8))

###
[`v3.936.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39360-2025-11-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.935.0...v3.936.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.935.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39350-2025-11-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.934.0...v3.935.0)

##### Features

- **client-s3:** Adds support for blocking SSE-C writes to general
purpose buckets.
([cee2e72](https://redirect.github.com/aws/aws-sdk-js-v3/commit/cee2e72ffbcafb34a5283c9f4779c58c02a0be59))

###
[`v3.934.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39340-2025-11-18)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.933.0...v3.934.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.933.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39330-2025-11-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.932.0...v3.933.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.932.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39320-2025-11-14)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.931.0...v3.932.0)

##### Bug Fixes

- **core/protocols:** decorate service exceptions with unmodeled fields
([#&#8203;7504](https://redirect.github.com/aws/aws-sdk-js-v3/issues/7504))
([6de803d](https://redirect.github.com/aws/aws-sdk-js-v3/commit/6de803d7a3ed4832b557d334b7eadedd7ca651fa))

###
[`v3.931.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39310-2025-11-13)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.930.0...v3.931.0)

##### Features

- **clients:** use schema-serde in AWS REST XML clients
([#&#8203;7499](https://redirect.github.com/aws/aws-sdk-js-v3/issues/7499))
([f806a2b](https://redirect.github.com/aws/aws-sdk-js-v3/commit/f806a2b9eded9f82d488f3d81db36b9cba9da220))

###
[`v3.930.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39300-2025-11-12)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.929.0...v3.930.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.929.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39290-2025-11-11)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.928.0...v3.929.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.928.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39280-2025-11-10)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.927.0...v3.928.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.927.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39270-2025-11-07)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.926.0...v3.927.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.926.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39260-2025-11-06)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.925.0...v3.926.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.925.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39250-2025-11-05)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.922.0...v3.925.0)

##### Features

- **client-s3:** Launch IPv6 dual-stack support for S3 Express
([a6a3e29](https://redirect.github.com/aws/aws-sdk-js-v3/commit/a6a3e2980d299734956f0bccc69c094a8757549f))

###
[`v3.922.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39220-2025-10-31)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.921.0...v3.922.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.921.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39210-2025-10-30)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.920.0...v3.921.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.920.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39200-2025-10-29)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.919.0...v3.920.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.919.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39190-2025-10-28)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.918.0...v3.919.0)

##### Features

- **client-s3:** Amazon Simple Storage Service / Features: Add
conditional writes in CopyObject on destination key to prevent
unintended object modifications.
([2533edc](https://redirect.github.com/aws/aws-sdk-js-v3/commit/2533edce830d1f5070a44d4b99135a2146c5d2a6))

###
[`v3.918.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39180-2025-10-27)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.917.0...v3.918.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.917.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39170-2025-10-24)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.916.0...v3.917.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.916.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39160-2025-10-23)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.914.0...v3.916.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.914.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39140-2025-10-21)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.913.0...v3.914.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.913.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39130-2025-10-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.911.0...v3.913.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.911.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39110-2025-10-15)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.910.0...v3.911.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.910.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39100-2025-10-14)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.908.0...v3.910.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.908.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39080-2025-10-10)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.907.0...v3.908.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.907.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39070-2025-10-09)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.906.0...v3.907.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.906.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39060-2025-10-08)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.901.0...v3.906.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.901.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#39010-2025-10-01)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.899.0...v3.901.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.899.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38990-2025-09-29)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.896.0...v3.899.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.896.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38960-2025-09-24)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.895.0...v3.896.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.895.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38950-2025-09-23)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.894.0...v3.895.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.894.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38940-2025-09-22)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.893.0...v3.894.0)

##### Features

- **xml-builder:** use DOMParser for browser XML parsing
([#&#8203;7347](https://redirect.github.com/aws/aws-sdk-js-v3/issues/7347))
([af40250](https://redirect.github.com/aws/aws-sdk-js-v3/commit/af4025005e5c251d64b5cf3840d24e48d7ae1d91))

###
[`v3.893.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38930-2025-09-19)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.892.0...v3.893.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.892.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38920-2025-09-18)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.891.0...v3.892.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.891.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38910-2025-09-17)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.890.0...v3.891.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.890.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38900-2025-09-16)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.888.0...v3.890.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.888.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38880-2025-09-12)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.887.0...v3.888.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.887.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38870-2025-09-11)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.886.0...v3.887.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.886.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38860-2025-09-10)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.884.0...v3.886.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.884.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38840-2025-09-08)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.883.0...v3.884.0)

##### Features

- **client-s3:** This release includes backward compatibility work on
the "Expires" parameter.
([11d390e](https://redirect.github.com/aws/aws-sdk-js-v3/commit/11d390e1c84b7ac00d3b27fae7dda67404ff7818))

###
[`v3.883.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38830-2025-09-05)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.882.0...v3.883.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.882.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38820-2025-09-04)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.879.0...v3.882.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.879.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38790-2025-08-29)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.878.0...v3.879.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.878.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38780-2025-08-28)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.876.0...v3.878.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.876.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38760-2025-08-26)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.873.0...v3.876.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.873.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38730-2025-08-21)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.872.0...v3.873.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

###
[`v3.872.0`](https://redirect.github.com/aws/aws-sdk-js-v3/blob/HEAD/clients/client-s3/CHANGELOG.md#38720-2025-08-20)

[Compare
Source](https://redirect.github.com/aws/aws-sdk-js-v3/compare/v3.864.0...v3.872.0)

**Note:** Version bump only for package
[@&#8203;aws-sdk/client-s3](https://redirect.github.com/aws-sdk/client-s3)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00
AM and 12:59 PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 ghost/core/package.json |    2 +-
 yarn.lock               | 1265 ++++++++++++++++++++++++---------------
 2 files changed, 797 insertions(+), 470 deletions(-)

diff --git a/ghost/core/package.json b/ghost/core/package.json
index 4ddbad9822c..7778301f8b4 100644
--- a/ghost/core/package.json
+++ b/ghost/core/package.json
@@ -67,7 +67,7 @@
     "cli": "^1.27.0"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "3.864.0",
+    "@aws-sdk/client-s3": "3.1023.0",
     "@extractus/oembed-extractor": "3.2.1",
     "@faker-js/faker": "7.6.0",
     "@isaacs/ttlcache": "1.4.1",
diff --git a/yarn.lock b/yarn.lock
index df8cc11d595..44688cfe955 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -163,69 +163,66 @@
     "@smithy/util-utf8" "^2.0.0"
     tslib "^2.6.2"
 
-"@aws-sdk/client-s3@3.864.0":
-  version "3.864.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/client-s3/-/client-s3-3.864.0.tgz#ffbcbf0ba861fad711261b4174da3be19b1c7d5f"
-  integrity sha512-QGYi9bWliewxumsvbJLLyx9WC0a4DP4F+utygBcq0zwPxaM0xDfBspQvP1dsepi7mW5aAjZmJ2+Xb7X0EhzJ/g==
+"@aws-sdk/client-s3@3.1023.0":
+  version "3.1023.0"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/client-s3/-/client-s3-3.1023.0.tgz#2d23522b0635942d3653d0c290ed1fc7e7a7621a"
+  integrity sha512-IvNy49sdoCWd3fgHQxail3y0UQdfKj1Xk0VPu9HTwlog60o9Lmp5ykjZ2LlIuHEPaxq4Siih707GB/ulUWgetw==
   dependencies:
     "@aws-crypto/sha1-browser" "5.2.0"
     "@aws-crypto/sha256-browser" "5.2.0"
     "@aws-crypto/sha256-js" "5.2.0"
-    "@aws-sdk/core" "3.864.0"
-    "@aws-sdk/credential-provider-node" "3.864.0"
-    "@aws-sdk/middleware-bucket-endpoint" "3.862.0"
-    "@aws-sdk/middleware-expect-continue" "3.862.0"
-    "@aws-sdk/middleware-flexible-checksums" "3.864.0"
-    "@aws-sdk/middleware-host-header" "3.862.0"
-    "@aws-sdk/middleware-location-constraint" "3.862.0"
-    "@aws-sdk/middleware-logger" "3.862.0"
-    "@aws-sdk/middleware-recursion-detection" "3.862.0"
-    "@aws-sdk/middleware-sdk-s3" "3.864.0"
-    "@aws-sdk/middleware-ssec" "3.862.0"
-    "@aws-sdk/middleware-user-agent" "3.864.0"
-    "@aws-sdk/region-config-resolver" "3.862.0"
-    "@aws-sdk/signature-v4-multi-region" "3.864.0"
-    "@aws-sdk/types" "3.862.0"
-    "@aws-sdk/util-endpoints" "3.862.0"
-    "@aws-sdk/util-user-agent-browser" "3.862.0"
-    "@aws-sdk/util-user-agent-node" "3.864.0"
-    "@aws-sdk/xml-builder" "3.862.0"
-    "@smithy/config-resolver" "^4.1.5"
-    "@smithy/core" "^3.8.0"
-    "@smithy/eventstream-serde-browser" "^4.0.5"
-    "@smithy/eventstream-serde-config-resolver" "^4.1.3"
-    "@smithy/eventstream-serde-node" "^4.0.5"
-    "@smithy/fetch-http-handler" "^5.1.1"
-    "@smithy/hash-blob-browser" "^4.0.5"
-    "@smithy/hash-node" "^4.0.5"
-    "@smithy/hash-stream-node" "^4.0.5"
-    "@smithy/invalid-dependency" "^4.0.5"
-    "@smithy/md5-js" "^4.0.5"
-    "@smithy/middleware-content-length" "^4.0.5"
-    "@smithy/middleware-endpoint" "^4.1.18"
-    "@smithy/middleware-retry" "^4.1.19"
-    "@smithy/middleware-serde" "^4.0.9"
-    "@smithy/middleware-stack" "^4.0.5"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/node-http-handler" "^4.1.1"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/smithy-client" "^4.4.10"
-    "@smithy/types" "^4.3.2"
-    "@smithy/url-parser" "^4.0.5"
-    "@smithy/util-base64" "^4.0.0"
-    "@smithy/util-body-length-browser" "^4.0.0"
-    "@smithy/util-body-length-node" "^4.0.0"
-    "@smithy/util-defaults-mode-browser" "^4.0.26"
-    "@smithy/util-defaults-mode-node" "^4.0.26"
-    "@smithy/util-endpoints" "^3.0.7"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-retry" "^4.0.7"
-    "@smithy/util-stream" "^4.2.4"
-    "@smithy/util-utf8" "^4.0.0"
-    "@smithy/util-waiter" "^4.0.7"
-    "@types/uuid" "^9.0.1"
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/credential-provider-node" "^3.972.29"
+    "@aws-sdk/middleware-bucket-endpoint" "^3.972.8"
+    "@aws-sdk/middleware-expect-continue" "^3.972.8"
+    "@aws-sdk/middleware-flexible-checksums" "^3.974.6"
+    "@aws-sdk/middleware-host-header" "^3.972.8"
+    "@aws-sdk/middleware-location-constraint" "^3.972.8"
+    "@aws-sdk/middleware-logger" "^3.972.8"
+    "@aws-sdk/middleware-recursion-detection" "^3.972.9"
+    "@aws-sdk/middleware-sdk-s3" "^3.972.27"
+    "@aws-sdk/middleware-ssec" "^3.972.8"
+    "@aws-sdk/middleware-user-agent" "^3.972.28"
+    "@aws-sdk/region-config-resolver" "^3.972.10"
+    "@aws-sdk/signature-v4-multi-region" "^3.996.15"
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/util-endpoints" "^3.996.5"
+    "@aws-sdk/util-user-agent-browser" "^3.972.8"
+    "@aws-sdk/util-user-agent-node" "^3.973.14"
+    "@smithy/config-resolver" "^4.4.13"
+    "@smithy/core" "^3.23.13"
+    "@smithy/eventstream-serde-browser" "^4.2.12"
+    "@smithy/eventstream-serde-config-resolver" "^4.3.12"
+    "@smithy/eventstream-serde-node" "^4.2.12"
+    "@smithy/fetch-http-handler" "^5.3.15"
+    "@smithy/hash-blob-browser" "^4.2.13"
+    "@smithy/hash-node" "^4.2.12"
+    "@smithy/hash-stream-node" "^4.2.12"
+    "@smithy/invalid-dependency" "^4.2.12"
+    "@smithy/md5-js" "^4.2.12"
+    "@smithy/middleware-content-length" "^4.2.12"
+    "@smithy/middleware-endpoint" "^4.4.28"
+    "@smithy/middleware-retry" "^4.4.46"
+    "@smithy/middleware-serde" "^4.2.16"
+    "@smithy/middleware-stack" "^4.2.12"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/node-http-handler" "^4.5.1"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
+    "@smithy/util-base64" "^4.3.2"
+    "@smithy/util-body-length-browser" "^4.2.2"
+    "@smithy/util-body-length-node" "^4.2.3"
+    "@smithy/util-defaults-mode-browser" "^4.3.44"
+    "@smithy/util-defaults-mode-node" "^4.2.48"
+    "@smithy/util-endpoints" "^3.3.3"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-retry" "^4.2.13"
+    "@smithy/util-stream" "^4.5.21"
+    "@smithy/util-utf8" "^4.2.2"
+    "@smithy/util-waiter" "^4.2.14"
     tslib "^2.6.2"
-    uuid "^9.0.1"
 
 "@aws-sdk/client-ses@^3.31.0", "@aws-sdk/client-ses@^3.731.1":
   version "3.864.0"
@@ -338,6 +335,33 @@
     fast-xml-parser "5.2.5"
     tslib "^2.6.2"
 
+"@aws-sdk/core@^3.973.26":
+  version "3.973.26"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/core/-/core-3.973.26.tgz#5989c5300f9da7ed57f34b88091c77b4fa5d7256"
+  integrity sha512-A/E6n2W42ruU+sfWk+mMUOyVXbsSgGrY3MJ9/0Az5qUdG67y8I6HYzzoAa+e/lzxxl1uCYmEL6BTMi9ZiZnplQ==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/xml-builder" "^3.972.16"
+    "@smithy/core" "^3.23.13"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/signature-v4" "^5.3.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-base64" "^4.3.2"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-utf8" "^4.2.2"
+    tslib "^2.6.2"
+
+"@aws-sdk/crc64-nvme@^3.972.5":
+  version "3.972.5"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/crc64-nvme/-/crc64-nvme-3.972.5.tgz#8b6213341e86759568dbf2d7631c6820580d2969"
+  integrity sha512-2VbTstbjKdT+yKi8m7b3a9CiVac+pL/IY2PHJwsaGkkHmuuqkJZIErPck1h6P3T9ghQMLSdMPyW6Qp7Di5swFg==
+  dependencies:
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-env@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.864.0.tgz#32e048eafaad51e3c67ef34d1310cc19f2f67c38"
@@ -349,6 +373,17 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-env@^3.972.24":
+  version "3.972.24"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.24.tgz#bc33a34f15704d02552aa8b3994d17008b991f86"
+  integrity sha512-FWg8uFmT6vQM7VuzELzwVo5bzExGaKHdubn0StjgrcU5FvuLExUe+k06kn/40uKv59rYzhez8eFNM4yYE/Yb/w==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-http@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-http/-/credential-provider-http-3.864.0.tgz#e312b137c1fdce87adb5140b039516c077726f5c"
@@ -365,6 +400,22 @@
     "@smithy/util-stream" "^4.2.4"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-http@^3.972.26":
+  version "3.972.26"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-http/-/credential-provider-http-3.972.26.tgz#6524c3681dbb62d3c4de82262631ab94b800f00e"
+  integrity sha512-CY4ppZ+qHYqcXqBVi//sdHST1QK3KzOEiLtpLsc9W2k2vfZPKExGaQIsOwcyvjpjUEolotitmd3mUNY56IwDEA==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/fetch-http-handler" "^5.3.15"
+    "@smithy/node-http-handler" "^4.5.1"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-stream" "^4.5.21"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-ini@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.864.0.tgz#3149745e91d030f191ad618e7ee15c92101ad24e"
@@ -384,6 +435,40 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-ini@^3.972.28":
+  version "3.972.28"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.972.28.tgz#6bc0d684c245914dca7a1a4dd3c2d84212833320"
+  integrity sha512-wXYvq3+uQcZV7k+bE4yDXCTBdzWTU9x/nMiKBfzInmv6yYK1veMK0AKvRfRBd72nGWYKcL6AxwiPg9z/pYlgpw==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/credential-provider-env" "^3.972.24"
+    "@aws-sdk/credential-provider-http" "^3.972.26"
+    "@aws-sdk/credential-provider-login" "^3.972.28"
+    "@aws-sdk/credential-provider-process" "^3.972.24"
+    "@aws-sdk/credential-provider-sso" "^3.972.28"
+    "@aws-sdk/credential-provider-web-identity" "^3.972.28"
+    "@aws-sdk/nested-clients" "^3.996.18"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/credential-provider-imds" "^4.2.12"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@aws-sdk/credential-provider-login@^3.972.28":
+  version "3.972.28"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-login/-/credential-provider-login-3.972.28.tgz#b2d47d4d43690d2d824edc94ce955d86dd3877f1"
+  integrity sha512-ZSTfO6jqUTCysbdBPtEX5OUR//3rbD0lN7jO3sQeS2Gjr/Y+DT6SbIJ0oT2cemNw3UzKu97sNONd1CwNMthuZQ==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/nested-clients" "^3.996.18"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-node@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.864.0.tgz#d01277b53ac179d2ea97ba16147ba0cb3f710aae"
@@ -402,6 +487,24 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-node@^3.972.29":
+  version "3.972.29"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.972.29.tgz#4bcc991fcbf245f75494a119b3446a678a51e019"
+  integrity sha512-clSzDcvndpFJAggLDnDb36sPdlZYyEs5Zm6zgZjjUhwsJgSWiWKwFIXUVBcbruidNyBdbpOv2tNDL9sX8y3/0g==
+  dependencies:
+    "@aws-sdk/credential-provider-env" "^3.972.24"
+    "@aws-sdk/credential-provider-http" "^3.972.26"
+    "@aws-sdk/credential-provider-ini" "^3.972.28"
+    "@aws-sdk/credential-provider-process" "^3.972.24"
+    "@aws-sdk/credential-provider-sso" "^3.972.28"
+    "@aws-sdk/credential-provider-web-identity" "^3.972.28"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/credential-provider-imds" "^4.2.12"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-process@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.864.0.tgz#5f39e34a084cfa07966874955fa3aa0f966bcf15"
@@ -414,6 +517,18 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-process@^3.972.24":
+  version "3.972.24"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.972.24.tgz#940c76a2db0aece23879dcf75ac5b6ee8f8fa135"
+  integrity sha512-Q2k/XLrFXhEztPHqj4SLCNID3hEPdlhh1CDLBpNnM+1L8fq7P+yON9/9M1IGN/dA5W45v44ylERfXtDAlmMNmw==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-sso@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.864.0.tgz#1556640016f9bd3dd1c2e140270098a75c922ca3"
@@ -428,6 +543,20 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/credential-provider-sso@^3.972.28":
+  version "3.972.28"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.972.28.tgz#bf150bfb7e708d58f35bb2b5786b902df19fd92d"
+  integrity sha512-IoUlmKMLEITFn1SiCTjPfR6KrE799FBo5baWyk/5Ppar2yXZoUdaRqZzJzK6TcJxx450M8m8DbpddRVYlp5R/A==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/nested-clients" "^3.996.18"
+    "@aws-sdk/token-providers" "3.1021.0"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/credential-provider-web-identity@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.864.0.tgz#5cf54ec064957552e4c8c9070fd2b313f152a776"
@@ -440,46 +569,60 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-bucket-endpoint@3.862.0":
-  version "3.862.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.862.0.tgz#8d318eccfa987cfa4e6c5f62539d99bcbe6dec30"
-  integrity sha512-Wcsc7VPLjImQw+CP1/YkwyofMs9Ab6dVq96iS8p0zv0C6YTaMjvillkau4zFfrrrTshdzFWKptIFhKK8Zsei1g==
-  dependencies:
-    "@aws-sdk/types" "3.862.0"
-    "@aws-sdk/util-arn-parser" "3.804.0"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-config-provider" "^4.0.0"
+"@aws-sdk/credential-provider-web-identity@^3.972.28":
+  version "3.972.28"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.972.28.tgz#27fc2a0fe0d2ff1460171d2a6912898c2235a7df"
+  integrity sha512-d+6h0SD8GGERzKe27v5rOzNGKOl0D+l0bWJdqrxH8WSQzHzjsQFIAPgIeOTUwBHVsKKwtSxc91K/SWax6XgswQ==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/nested-clients" "^3.996.18"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-expect-continue@3.862.0":
-  version "3.862.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.862.0.tgz#f53c28c41f63859362797fd76e993365b598d0ba"
-  integrity sha512-oG3AaVUJ+26p0ESU4INFn6MmqqiBFZGrebST66Or+YBhteed2rbbFl7mCfjtPWUFgquQlvT1UP19P3LjQKeKpw==
+"@aws-sdk/middleware-bucket-endpoint@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.972.8.tgz#cbb5eccad6e699991027dbd35e88153f92ea5082"
+  integrity sha512-WR525Rr2QJSETa9a050isktyWi/4yIGcmY3BQ1kpHqb0LqUglQHCS8R27dTJxxWNZvQ0RVGtEZjTCbZJpyF3Aw==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/util-arn-parser" "^3.972.3"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-config-provider" "^4.2.2"
+    tslib "^2.6.2"
+
+"@aws-sdk/middleware-expect-continue@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.972.8.tgz#47857e3f8d792c702a0212dc565d32eefa4fac67"
+  integrity sha512-5DTBTiotEES1e2jOHAq//zyzCjeMB78lEHd35u15qnrid4Nxm7diqIf9fQQ3Ov0ChH1V3Vvt13thOnrACmfGVQ==
   dependencies:
-    "@aws-sdk/types" "3.862.0"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-flexible-checksums@3.864.0":
-  version "3.864.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.864.0.tgz#fcbb40ae1513f96185ec961693c0f55ec1f4da18"
-  integrity sha512-MvakvzPZi9uyP3YADuIqtk/FAcPFkyYFWVVMf5iFs/rCdk0CUzn02Qf4CSuyhbkS6Y0KrAsMgKR4MgklPU79Wg==
+"@aws-sdk/middleware-flexible-checksums@^3.974.6":
+  version "3.974.6"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.974.6.tgz#9c2fcda36161c60dc7555b655d66bc4cf3c7337c"
+  integrity sha512-YckB8k1ejbyCg/g36gUMFLNzE4W5cERIa4MtsdO+wpTmJEP0+TB7okWIt7d8TDOvnb7SwvxJ21E4TGOBxFpSWQ==
   dependencies:
     "@aws-crypto/crc32" "5.2.0"
     "@aws-crypto/crc32c" "5.2.0"
     "@aws-crypto/util" "5.2.0"
-    "@aws-sdk/core" "3.864.0"
-    "@aws-sdk/types" "3.862.0"
-    "@smithy/is-array-buffer" "^4.0.0"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-stream" "^4.2.4"
-    "@smithy/util-utf8" "^4.0.0"
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/crc64-nvme" "^3.972.5"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/is-array-buffer" "^4.2.2"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-stream" "^4.5.21"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
 "@aws-sdk/middleware-host-header@3.862.0":
@@ -492,13 +635,23 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-location-constraint@3.862.0":
-  version "3.862.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.862.0.tgz#d55babadc9f9b7150c56b028fc6953021a5a565a"
-  integrity sha512-MnwLxCw7Cc9OngEH3SHFhrLlDI9WVxaBkp3oTsdY9JE7v8OE38wQ9vtjaRsynjwu0WRtrctSHbpd7h/QVvtjyA==
+"@aws-sdk/middleware-host-header@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-host-header/-/middleware-host-header-3.972.8.tgz#72186e96500b49b38fb5482d6b7bf95e5b985281"
+  integrity sha512-wAr2REfKsqoKQ+OkNqvOShnBoh+nkPurDKW7uAeVSu6kUECnWlSJiPvnoqxGlfousEY/v9LfS9sNc46hjSYDIQ==
   dependencies:
-    "@aws-sdk/types" "3.862.0"
-    "@smithy/types" "^4.3.2"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@aws-sdk/middleware-location-constraint@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.972.8.tgz#67e15d3ca55e825596fcc36da9aaf9f482da6fc9"
+  integrity sha512-KaUoFuoFPziIa98DSQsTPeke1gvGXlc5ZGMhy+b+nLxZ4A7jmJgLzjEF95l8aOQN2T/qlPP3MrAyELm8ExXucw==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
 "@aws-sdk/middleware-logger@3.862.0":
@@ -510,6 +663,15 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/middleware-logger@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-logger/-/middleware-logger-3.972.8.tgz#7fee4223afcb6f7828dbdf4ea745ce15027cf384"
+  integrity sha512-CWl5UCM57WUFaFi5kB7IBY1UmOeLvNZAZ2/OZ5l20ldiJ3TiIz1pC65gYj8X0BCPWkeR1E32mpsCk1L1I4n+lA==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
 "@aws-sdk/middleware-recursion-detection@3.862.0":
   version "3.862.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.862.0.tgz#d83433251e550b7ed9cd731a447c92aaec378f01"
@@ -520,33 +682,44 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-sdk-s3@3.864.0":
-  version "3.864.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.864.0.tgz#5142210471ed702452277ad653af483147c42598"
-  integrity sha512-GjYPZ6Xnqo17NnC8NIQyvvdzzO7dm+Ks7gpxD/HsbXPmV2aEfuFveJXneGW9e1BheSKFff6FPDWu8Gaj2Iu1yg==
+"@aws-sdk/middleware-recursion-detection@^3.972.9":
+  version "3.972.9"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.972.9.tgz#53a2cc0cf827863163b2351209212f642015c2e2"
+  integrity sha512-/Wt5+CT8dpTFQxEJ9iGy/UGrXr7p2wlIOEHvIr/YcHYByzoLjrqkYqXdJjd9UIgWjv7eqV2HnFJen93UTuwfTQ==
   dependencies:
-    "@aws-sdk/core" "3.864.0"
-    "@aws-sdk/types" "3.862.0"
-    "@aws-sdk/util-arn-parser" "3.804.0"
-    "@smithy/core" "^3.8.0"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/signature-v4" "^5.1.3"
-    "@smithy/smithy-client" "^4.4.10"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-config-provider" "^4.0.0"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-stream" "^4.2.4"
-    "@smithy/util-utf8" "^4.0.0"
+    "@aws-sdk/types" "^3.973.6"
+    "@aws/lambda-invoke-store" "^0.2.2"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@aws-sdk/middleware-ssec@3.862.0":
-  version "3.862.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-ssec/-/middleware-ssec-3.862.0.tgz#d6c7d03c966cb6642acec8c7f046afd3a72c0f7c"
-  integrity sha512-72VtP7DZC8lYTE2L3Efx2BrD98oe9WTK8X6hmd3WTLkbIjvgWQWIdjgaFXBs8WevsXkewIctfyA3KEezvL5ggw==
+"@aws-sdk/middleware-sdk-s3@^3.972.27":
+  version "3.972.27"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.972.27.tgz#df02460d364f46886fc553e224850b14d1c87097"
+  integrity sha512-gomO6DZwx+1D/9mbCpcqO5tPBqYBK7DtdgjTIjZ4yvfh/S7ETwAPS0XbJgP2JD8Ycr5CwVrEkV1sFtu3ShXeOw==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/util-arn-parser" "^3.972.3"
+    "@smithy/core" "^3.23.13"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/signature-v4" "^5.3.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-config-provider" "^4.2.2"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-stream" "^4.5.21"
+    "@smithy/util-utf8" "^4.2.2"
+    tslib "^2.6.2"
+
+"@aws-sdk/middleware-ssec@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-ssec/-/middleware-ssec-3.972.8.tgz#4f71982bad76a907e4f5771796d18372e063c511"
+  integrity sha512-wqlK0yO/TxEC2UsY9wIlqeeutF6jjLe0f96Pbm40XscTo57nImUk9lBcw0dPgsm0sppFtAkSlDrfpK+pC30Wqw==
   dependencies:
-    "@aws-sdk/types" "3.862.0"
-    "@smithy/types" "^4.3.2"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
 "@aws-sdk/middleware-user-agent@3.864.0":
@@ -562,6 +735,20 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/middleware-user-agent@^3.972.28":
+  version "3.972.28"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.972.28.tgz#7f81d96d2fed0334ff601af62d77e14f67fb9d22"
+  integrity sha512-cfWZFlVh7Va9lRay4PN2A9ARFzaBYcA097InT5M2CdRS05ECF5yaz86jET8Wsl2WcyKYEvVr/QNmKtYtafUHtQ==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/util-endpoints" "^3.996.5"
+    "@smithy/core" "^3.23.13"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-retry" "^4.2.13"
+    tslib "^2.6.2"
+
 "@aws-sdk/nested-clients@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/nested-clients/-/nested-clients-3.864.0.tgz#8d8b7e8e481649ae0f6ef37339b07cd8f6405e74"
@@ -606,6 +793,50 @@
     "@smithy/util-utf8" "^4.0.0"
     tslib "^2.6.2"
 
+"@aws-sdk/nested-clients@^3.996.18":
+  version "3.996.18"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/nested-clients/-/nested-clients-3.996.18.tgz#b5f2403bef822e1ac01d3f7f6f2849f23d94beb9"
+  integrity sha512-c7ZSIXrESxHKx2Mcopgd8AlzZgoXMr20fkx5ViPWPOLBvmyhw9VwJx/Govg8Ef/IhEon5R9l53Z8fdYSEmp6VA==
+  dependencies:
+    "@aws-crypto/sha256-browser" "5.2.0"
+    "@aws-crypto/sha256-js" "5.2.0"
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/middleware-host-header" "^3.972.8"
+    "@aws-sdk/middleware-logger" "^3.972.8"
+    "@aws-sdk/middleware-recursion-detection" "^3.972.9"
+    "@aws-sdk/middleware-user-agent" "^3.972.28"
+    "@aws-sdk/region-config-resolver" "^3.972.10"
+    "@aws-sdk/types" "^3.973.6"
+    "@aws-sdk/util-endpoints" "^3.996.5"
+    "@aws-sdk/util-user-agent-browser" "^3.972.8"
+    "@aws-sdk/util-user-agent-node" "^3.973.14"
+    "@smithy/config-resolver" "^4.4.13"
+    "@smithy/core" "^3.23.13"
+    "@smithy/fetch-http-handler" "^5.3.15"
+    "@smithy/hash-node" "^4.2.12"
+    "@smithy/invalid-dependency" "^4.2.12"
+    "@smithy/middleware-content-length" "^4.2.12"
+    "@smithy/middleware-endpoint" "^4.4.28"
+    "@smithy/middleware-retry" "^4.4.46"
+    "@smithy/middleware-serde" "^4.2.16"
+    "@smithy/middleware-stack" "^4.2.12"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/node-http-handler" "^4.5.1"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
+    "@smithy/util-base64" "^4.3.2"
+    "@smithy/util-body-length-browser" "^4.2.2"
+    "@smithy/util-body-length-node" "^4.2.3"
+    "@smithy/util-defaults-mode-browser" "^4.3.44"
+    "@smithy/util-defaults-mode-node" "^4.2.48"
+    "@smithy/util-endpoints" "^3.3.3"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-retry" "^4.2.13"
+    "@smithy/util-utf8" "^4.2.2"
+    tslib "^2.6.2"
+
 "@aws-sdk/region-config-resolver@3.862.0":
   version "3.862.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/region-config-resolver/-/region-config-resolver-3.862.0.tgz#99e7942be513abacb715d06781e6f4d62b3e9cf2"
@@ -618,16 +849,40 @@
     "@smithy/util-middleware" "^4.0.5"
     tslib "^2.6.2"
 
-"@aws-sdk/signature-v4-multi-region@3.864.0":
-  version "3.864.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.864.0.tgz#75e24f5382aa77b7e629f8feb366bcf2a358ffb8"
-  integrity sha512-w2HIn/WIcUyv1bmyCpRUKHXB5KdFGzyxPkp/YK5g+/FuGdnFFYWGfcO8O+How4jwrZTarBYsAHW9ggoKvwr37w==
+"@aws-sdk/region-config-resolver@^3.972.10":
+  version "3.972.10"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/region-config-resolver/-/region-config-resolver-3.972.10.tgz#cbabd969a2d4fedb652273403e64d98b79d0144c"
+  integrity sha512-1dq9ToC6e070QvnVhhbAs3bb5r6cQ10gTVc6cyRV5uvQe7P138TV2uG2i6+Yok4bAkVAcx5AqkTEBUvWEtBlsQ==
   dependencies:
-    "@aws-sdk/middleware-sdk-s3" "3.864.0"
-    "@aws-sdk/types" "3.862.0"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/signature-v4" "^5.1.3"
-    "@smithy/types" "^4.3.2"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/config-resolver" "^4.4.13"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@aws-sdk/signature-v4-multi-region@^3.996.15":
+  version "3.996.15"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.996.15.tgz#aa361982c5cc6c4d36fb6ac9d04bd18e043720bd"
+  integrity sha512-Ukw2RpqvaL96CjfH/FgfBmy/ZosHBqoHBCFsN61qGg99F33vpntIVii8aNeh65XuOja73arSduskoa4OJea9RQ==
+  dependencies:
+    "@aws-sdk/middleware-sdk-s3" "^3.972.27"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/signature-v4" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@aws-sdk/token-providers@3.1021.0":
+  version "3.1021.0"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/token-providers/-/token-providers-3.1021.0.tgz#90905a8def49f90e54a73849e25ad4bcc4dbea2a"
+  integrity sha512-TKY6h9spUk3OLs5v1oAgW9mAeBE3LAGNBwJokLy96wwmd4W2v/tYlXseProyed9ValDj2u1jK/4Rg1T+1NXyJA==
+  dependencies:
+    "@aws-sdk/core" "^3.973.26"
+    "@aws-sdk/nested-clients" "^3.996.18"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
 "@aws-sdk/token-providers@3.864.0":
@@ -643,7 +898,7 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
-"@aws-sdk/types@3.862.0", "@aws-sdk/types@^3.222.0":
+"@aws-sdk/types@3.862.0":
   version "3.862.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.862.0.tgz#2f5622e1aa3a5281d4f419f5d2c90f87dd5ff0cf"
   integrity sha512-Bei+RL0cDxxV+lW2UezLbCYYNeJm6Nzee0TpW0FfyTRBhH9C1XQh4+x+IClriXvgBnRquTMMYsmJfvx8iyLKrg==
@@ -651,10 +906,18 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
-"@aws-sdk/util-arn-parser@3.804.0":
-  version "3.804.0"
-  resolved "https://registry.yarnpkg.com/@aws-sdk/util-arn-parser/-/util-arn-parser-3.804.0.tgz#d0b52bf5f9ae5b2c357a635551e5844dcad074c8"
-  integrity sha512-wmBJqn1DRXnZu3b4EkE6CWnoWMo1ZMvlfkqU5zPz67xx1GMaXlDCchFvKAXMjk4jn/L1O3tKnoFDNsoLV1kgNQ==
+"@aws-sdk/types@^3.222.0", "@aws-sdk/types@^3.973.6":
+  version "3.973.6"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.973.6.tgz#1964a7c01b5cb18befa445998ad1d02f86c5432d"
+  integrity sha512-Atfcy4E++beKtwJHiDln2Nby8W/mam64opFPTiHEqgsthqeydFS1pY+OUlN1ouNOmf8ArPU/6cDS65anOP3KQw==
+  dependencies:
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@aws-sdk/util-arn-parser@^3.972.3":
+  version "3.972.3"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/util-arn-parser/-/util-arn-parser-3.972.3.tgz#ed989862bbb172ce16d9e1cd5790e5fe367219c2"
+  integrity sha512-HzSD8PMFrvgi2Kserxuff5VitNq2sgf3w9qxmskKDiDTThWfVteJxuCS9JXiPIPtmCrp+7N9asfIaVhBFORllA==
   dependencies:
     tslib "^2.6.2"
 
@@ -669,6 +932,17 @@
     "@smithy/util-endpoints" "^3.0.7"
     tslib "^2.6.2"
 
+"@aws-sdk/util-endpoints@^3.996.5":
+  version "3.996.5"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/util-endpoints/-/util-endpoints-3.996.5.tgz#6b12e80869ae6e84075bc24c2a4e6273ea87dfc2"
+  integrity sha512-Uh93L5sXFNbyR5sEPMzUU8tJ++Ku97EY4udmC01nB8Zu+xfBPwpIwJ6F7snqQeq8h2pf+8SGN5/NoytfKgYPIw==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
+    "@smithy/util-endpoints" "^3.3.3"
+    tslib "^2.6.2"
+
 "@aws-sdk/util-locate-window@^3.0.0":
   version "3.188.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/util-locate-window/-/util-locate-window-3.188.0.tgz#0bef2b4d932d1401bd78dc1ddd258b14a3652f96"
@@ -686,6 +960,16 @@
     bowser "^2.11.0"
     tslib "^2.6.2"
 
+"@aws-sdk/util-user-agent-browser@^3.972.8":
+  version "3.972.8"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.972.8.tgz#1044845c97c898cd68fc3f9c773494a6a98cdf80"
+  integrity sha512-B3KGXJviV2u6Cdw2SDY2aDhoJkVfY/Q/Trwk2CMSkikE1Oi6gRzxhvhIfiRpHfmIsAhV4EA54TVEX8K6CbHbkA==
+  dependencies:
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/types" "^4.13.1"
+    bowser "^2.11.0"
+    tslib "^2.6.2"
+
 "@aws-sdk/util-user-agent-node@3.864.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.864.0.tgz#2fd8276a6d7d0ee3d6fe75421c5565e63ae6a0d5"
@@ -697,6 +981,18 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/util-user-agent-node@^3.973.14":
+  version "3.973.14"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.973.14.tgz#955e50e8222c9861fdf8f273ba8ff8e28ba04a5c"
+  integrity sha512-vNSB/DYaPOyujVZBg/zUznH9QC142MaTHVmaFlF7uzzfg3CgT9f/l4C0Yi+vU/tbBhxVcXVB90Oohk5+o+ZbWw==
+  dependencies:
+    "@aws-sdk/middleware-user-agent" "^3.972.28"
+    "@aws-sdk/types" "^3.973.6"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-config-provider" "^4.2.2"
+    tslib "^2.6.2"
+
 "@aws-sdk/xml-builder@3.862.0":
   version "3.862.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/xml-builder/-/xml-builder-3.862.0.tgz#d368c76f0f129d43b3ffbc2dc18f53ddd64ec328"
@@ -705,6 +1001,20 @@
     "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
+"@aws-sdk/xml-builder@^3.972.16":
+  version "3.972.16"
+  resolved "https://registry.yarnpkg.com/@aws-sdk/xml-builder/-/xml-builder-3.972.16.tgz#ea22fe022cf12d12b07f6faf75c4fa214dea00bc"
+  integrity sha512-iu2pyvaqmeatIJLURLqx9D+4jKAdTH20ntzB6BFwjyN7V960r4jK32mx0Zf7YbtOYAbmbtQfDNuL60ONinyw7A==
+  dependencies:
+    "@smithy/types" "^4.13.1"
+    fast-xml-parser "5.5.8"
+    tslib "^2.6.2"
+
+"@aws/lambda-invoke-store@^0.2.2":
+  version "0.2.4"
+  resolved "https://registry.yarnpkg.com/@aws/lambda-invoke-store/-/lambda-invoke-store-0.2.4.tgz#802f6a50f6b6589063ef63ba8acdee86fcb9f395"
+  integrity sha512-iY8yvjE0y651BixKNPgmv1WrQc+GZ142sb0z4gYnChDDY2YqI4P/jsSopBWrKfAt7LOJAkOXt7rC/hms+WclQQ==
+
 "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4", "@babel/code-frame@^7.12.13", "@babel/code-frame@^7.27.1":
   version "7.27.1"
   resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.27.1.tgz#200f715e66d52a23b221a9435534a91cc13ad5be"
@@ -6637,159 +6947,151 @@
     "@types/node" ">=18.0.0"
     axios "^1.11.0"
 
-"@smithy/abort-controller@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/abort-controller/-/abort-controller-4.0.5.tgz#2872a12d0f11dfdcc4254b39566d5f24ab26a4ab"
-  integrity sha512-jcrqdTQurIrBbUm4W2YdLVMQDoL0sA9DTxYd2s+R/y+2U9NLOP7Xf/YqfSg1FZhlZIYEnvk2mwbyvIfdLEPo8g==
+"@smithy/chunked-blob-reader-native@^4.2.3":
+  version "4.2.3"
+  resolved "https://registry.yarnpkg.com/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-4.2.3.tgz#9e79a80d8d44798e7ce7a8f968cbbbaf5a40d950"
+  integrity sha512-jA5k5Udn7Y5717L86h4EIv06wIr3xn8GM1qHRi/Nf31annXcXHJjBKvgztnbn2TxH3xWrPBfgwHsOwZf0UmQWw==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/util-base64" "^4.3.2"
     tslib "^2.6.2"
 
-"@smithy/chunked-blob-reader-native@^4.2.1":
-  version "4.2.1"
-  resolved "https://registry.yarnpkg.com/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-4.2.1.tgz#380266951d746b522b4ab2b16bfea6b451147b41"
-  integrity sha512-lX9Ay+6LisTfpLid2zZtIhSEjHMZoAR5hHCR4H7tBz/Zkfr5ea8RcQ7Tk4mi0P76p4cN+Btz16Ffno7YHpKXnQ==
+"@smithy/chunked-blob-reader@^5.2.2":
+  version "5.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/chunked-blob-reader/-/chunked-blob-reader-5.2.2.tgz#3af48e37b10e5afed478bb31d2b7bc03c81d196c"
+  integrity sha512-St+kVicSyayWQca+I1rGitaOEH6uKgE8IUWoYnnEX26SWdWQcL6LvMSD19Lg+vYHKdT9B2Zuu7rd3i6Wnyb/iw==
   dependencies:
-    "@smithy/util-base64" "^4.3.0"
     tslib "^2.6.2"
 
-"@smithy/chunked-blob-reader@^5.2.0":
-  version "5.2.0"
-  resolved "https://registry.yarnpkg.com/@smithy/chunked-blob-reader/-/chunked-blob-reader-5.2.0.tgz#776fec5eaa5ab5fa70d0d0174b7402420b24559c"
-  integrity sha512-WmU0TnhEAJLWvfSeMxBNe5xtbselEO8+4wG0NtZeL8oR21WgH1xiO37El+/Y+H/Ie4SCwBy3MxYWmOYaGgZueA==
+"@smithy/config-resolver@^4.1.5", "@smithy/config-resolver@^4.4.13":
+  version "4.4.13"
+  resolved "https://registry.yarnpkg.com/@smithy/config-resolver/-/config-resolver-4.4.13.tgz#8bffd41de647ec349b4a74bf02bdd1b32452bacd"
+  integrity sha512-iIzMC5NmOUP6WL6o8iPBjFhUhBZ9pPjpUpQYWMUFQqKyXXzOftbfK8zcQCz/jFV1Psmf05BK5ypx4K2r4Tnwdg==
   dependencies:
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-config-provider" "^4.2.2"
+    "@smithy/util-endpoints" "^3.3.3"
+    "@smithy/util-middleware" "^4.2.12"
     tslib "^2.6.2"
 
-"@smithy/config-resolver@^4.1.5":
-  version "4.1.5"
-  resolved "https://registry.yarnpkg.com/@smithy/config-resolver/-/config-resolver-4.1.5.tgz#3cb7cde8d13ca64630e5655812bac9ffe8182469"
-  integrity sha512-viuHMxBAqydkB0AfWwHIdwf/PRH2z5KHGUzqyRtS/Wv+n3IHI993Sk76VCA7dD/+GzgGOmlJDITfPcJC1nIVIw==
-  dependencies:
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-config-provider" "^4.0.0"
-    "@smithy/util-middleware" "^4.0.5"
+"@smithy/core@^3.23.13", "@smithy/core@^3.8.0":
+  version "3.23.13"
+  resolved "https://registry.yarnpkg.com/@smithy/core/-/core-3.23.13.tgz#343e0d78b907f463b560d9e50d8ae16456281830"
+  integrity sha512-J+2TT9D6oGsUVXVEMvz8h2EmdVnkBiy2auCie4aSJMvKlzUtO5hqjEzXhoCUkIMo7gAYjbQcN0g/MMSXEhDs1Q==
+  dependencies:
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
+    "@smithy/util-base64" "^4.3.2"
+    "@smithy/util-body-length-browser" "^4.2.2"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-stream" "^4.5.21"
+    "@smithy/util-utf8" "^4.2.2"
+    "@smithy/uuid" "^1.1.2"
     tslib "^2.6.2"
 
-"@smithy/core@^3.8.0":
-  version "3.8.0"
-  resolved "https://registry.yarnpkg.com/@smithy/core/-/core-3.8.0.tgz#321d03564b753025b92e4476579efcd5c505ab1f"
-  integrity sha512-EYqsIYJmkR1VhVE9pccnk353xhs+lB6btdutJEtsp7R055haMJp2yE16eSxw8fv+G0WUY6vqxyYOP8kOqawxYQ==
+"@smithy/credential-provider-imds@^4.0.7", "@smithy/credential-provider-imds@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/credential-provider-imds/-/credential-provider-imds-4.2.12.tgz#fa2e52116cac7eaf5625e0bfd399a4927b598f66"
+  integrity sha512-cr2lR792vNZcYMriSIj+Um3x9KWrjcu98kn234xA6reOAFMmbRpQMOv8KPgEmLLtx3eldU6c5wALKFqNOhugmg==
   dependencies:
-    "@smithy/middleware-serde" "^4.0.9"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-base64" "^4.0.0"
-    "@smithy/util-body-length-browser" "^4.0.0"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-stream" "^4.2.4"
-    "@smithy/util-utf8" "^4.0.0"
-    "@types/uuid" "^9.0.1"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
     tslib "^2.6.2"
-    uuid "^9.0.1"
 
-"@smithy/credential-provider-imds@^4.0.7":
-  version "4.0.7"
-  resolved "https://registry.yarnpkg.com/@smithy/credential-provider-imds/-/credential-provider-imds-4.0.7.tgz#d8bb566ffd8d9e556810b83d6e0b01b39036b810"
-  integrity sha512-dDzrMXA8d8riFNiPvytxn0mNwR4B3h8lgrQ5UjAGu6T9z/kRg/Xncf4tEQHE/+t25sY8IH3CowcmWi+1U5B1Gw==
-  dependencies:
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/property-provider" "^4.0.5"
-    "@smithy/types" "^4.3.2"
-    "@smithy/url-parser" "^4.0.5"
-    tslib "^2.6.2"
-
-"@smithy/eventstream-codec@^4.2.4":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/eventstream-codec/-/eventstream-codec-4.2.4.tgz#f9cc680b156d3fac4cc631a8b0159f5e87205143"
-  integrity sha512-aV8blR9RBDKrOlZVgjOdmOibTC2sBXNiT7WA558b4MPdsLTV6sbyc1WIE9QiIuYMJjYtnPLciefoqSW8Gi+MZQ==
+"@smithy/eventstream-codec@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/eventstream-codec/-/eventstream-codec-4.2.12.tgz#8cd62d08709344fb8b35fd17870fdf1435de61a3"
+  integrity sha512-FE3bZdEl62ojmy8x4FHqxq2+BuOHlcxiH5vaZ6aqHJr3AIZzwF5jfx8dEiU/X0a8RboyNDjmXjlbr8AdEyLgiA==
   dependencies:
     "@aws-crypto/crc32" "5.2.0"
-    "@smithy/types" "^4.8.1"
-    "@smithy/util-hex-encoding" "^4.2.0"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-hex-encoding" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/eventstream-serde-browser@^4.0.5":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-4.2.4.tgz#6aa94f14dd4d3376cb3389a0f6f245994e9e97c7"
-  integrity sha512-d5T7ZS3J/r8P/PDjgmCcutmNxnSRvPH1U6iHeXjzI50sMr78GLmFcrczLw33Ap92oEKqa4CLrkAPeSSOqvGdUA==
+"@smithy/eventstream-serde-browser@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-4.2.12.tgz#3ceb8743750edaf5d6e42cd1a2327e048f85ba4e"
+  integrity sha512-XUSuMxlTxV5pp4VpqZf6Sa3vT/Q75FVkLSpSSE3KkWBvAQWeuWt1msTv8fJfgA4/jcJhrbrbMzN1AC/hvPmm5A==
   dependencies:
-    "@smithy/eventstream-serde-universal" "^4.2.4"
-    "@smithy/types" "^4.8.1"
+    "@smithy/eventstream-serde-universal" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/eventstream-serde-config-resolver@^4.1.3":
-  version "4.3.4"
-  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-4.3.4.tgz#6ddd88c57274a6fe72e11bfd5ac858977573dc46"
-  integrity sha512-lxfDT0UuSc1HqltOGsTEAlZ6H29gpfDSdEPTapD5G63RbnYToZ+ezjzdonCCH90j5tRRCw3aLXVbiZaBW3VRVg==
+"@smithy/eventstream-serde-config-resolver@^4.3.12":
+  version "4.3.12"
+  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-4.3.12.tgz#a29164bc5480d935ece9dbdca0f79924259e519a"
+  integrity sha512-7epsAZ3QvfHkngz6RXQYseyZYHlmWXSTPOfPmXkiS+zA6TBNo1awUaMFL9vxyXlGdoELmCZyZe1nQE+imbmV+Q==
   dependencies:
-    "@smithy/types" "^4.8.1"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/eventstream-serde-node@^4.0.5":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-node/-/eventstream-serde-node-4.2.4.tgz#61934c44c511bec5b07cfbbf59a2282806cd2ff8"
-  integrity sha512-TPhiGByWnYyzcpU/K3pO5V7QgtXYpE0NaJPEZBCa1Y5jlw5SjqzMSbFiLb+ZkJhqoQc0ImGyVINqnq1ze0ZRcQ==
+"@smithy/eventstream-serde-node@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-node/-/eventstream-serde-node-4.2.12.tgz#2cc06a1ea1108f679d376aab81e95a6f69877b4a"
+  integrity sha512-D1pFuExo31854eAvg89KMn9Oab/wEeJR6Buy32B49A9Ogdtx5fwZPqBHUlDzaCDpycTFk2+fSQgX689Qsk7UGA==
   dependencies:
-    "@smithy/eventstream-serde-universal" "^4.2.4"
-    "@smithy/types" "^4.8.1"
+    "@smithy/eventstream-serde-universal" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/eventstream-serde-universal@^4.2.4":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-4.2.4.tgz#7c19762047b429d53af4664dc1168482706b4ee7"
-  integrity sha512-GNI/IXaY/XBB1SkGBFmbW033uWA0tj085eCxYih0eccUe/PFR7+UBQv9HNDk2fD9TJu7UVsCWsH99TkpEPSOzQ==
+"@smithy/eventstream-serde-universal@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-4.2.12.tgz#a3640d1e7c3e348168360035661db8d21b51e078"
+  integrity sha512-+yNuTiyBACxOJUTvbsNsSOfH9G9oKbaJE1lNL3YHpGcuucl6rPZMi3nrpehpVOVR2E07YqFFmtwpImtpzlouHQ==
   dependencies:
-    "@smithy/eventstream-codec" "^4.2.4"
-    "@smithy/types" "^4.8.1"
+    "@smithy/eventstream-codec" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/fetch-http-handler@^5.1.1":
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/@smithy/fetch-http-handler/-/fetch-http-handler-5.1.1.tgz#a444c99bffdf314deb447370429cc3e719f1a866"
-  integrity sha512-61WjM0PWmZJR+SnmzaKI7t7G0UkkNFboDpzIdzSoy7TByUzlxo18Qlh9s71qug4AY4hlH/CwXdubMtkcNEb/sQ==
+"@smithy/fetch-http-handler@^5.1.1", "@smithy/fetch-http-handler@^5.3.15":
+  version "5.3.15"
+  resolved "https://registry.yarnpkg.com/@smithy/fetch-http-handler/-/fetch-http-handler-5.3.15.tgz#acf69a8b3bab0396d2782fc901bad0b957c8c6a2"
+  integrity sha512-T4jFU5N/yiIfrtrsb9uOQn7RdELdM/7HbyLNr6uO/mpkj1ctiVs7CihVr51w4LyQlXWDpXFn4BElf1WmQvZu/A==
   dependencies:
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/querystring-builder" "^4.0.5"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-base64" "^4.0.0"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/querystring-builder" "^4.2.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-base64" "^4.3.2"
     tslib "^2.6.2"
 
-"@smithy/hash-blob-browser@^4.0.5":
-  version "4.2.5"
-  resolved "https://registry.yarnpkg.com/@smithy/hash-blob-browser/-/hash-blob-browser-4.2.5.tgz#c82e032747b72811f735c2c1f0ed0c1aeb4de910"
-  integrity sha512-kCdgjD2J50qAqycYx0imbkA9tPtyQr1i5GwbK/EOUkpBmJGSkJe4mRJm+0F65TUSvvui1HZ5FFGFCND7l8/3WQ==
+"@smithy/hash-blob-browser@^4.2.13":
+  version "4.2.13"
+  resolved "https://registry.yarnpkg.com/@smithy/hash-blob-browser/-/hash-blob-browser-4.2.13.tgz#464a7fb6b8355f6a56ddd0de194857760543248f"
+  integrity sha512-YrF4zWKh+ghLuquldj6e/RzE3xZYL8wIPfkt0MqCRphVICjyyjH8OwKD7LLlKpVEbk4FLizFfC1+gwK6XQdR3g==
   dependencies:
-    "@smithy/chunked-blob-reader" "^5.2.0"
-    "@smithy/chunked-blob-reader-native" "^4.2.1"
-    "@smithy/types" "^4.8.1"
+    "@smithy/chunked-blob-reader" "^5.2.2"
+    "@smithy/chunked-blob-reader-native" "^4.2.3"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/hash-node@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/hash-node/-/hash-node-4.0.5.tgz#16cf8efe42b8b611b1f56f78464b97b27ca6a3ec"
-  integrity sha512-cv1HHkKhpyRb6ahD8Vcfb2Hgz67vNIXEp2vnhzfxLFGRukLCNEA5QdsorbUEzXma1Rco0u3rx5VTqbM06GcZqQ==
+"@smithy/hash-node@^4.0.5", "@smithy/hash-node@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/hash-node/-/hash-node-4.2.12.tgz#0ee7f6a1d2958c313ee24b07159dcb9547792441"
+  integrity sha512-QhBYbGrbxTkZ43QoTPrK72DoYviDeg6YKDrHTMJbbC+A0sml3kSjzFtXP7BtbyJnXojLfTQldGdUR0RGD8dA3w==
   dependencies:
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-buffer-from" "^4.0.0"
-    "@smithy/util-utf8" "^4.0.0"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-buffer-from" "^4.2.2"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/hash-stream-node@^4.0.5":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/hash-stream-node/-/hash-stream-node-4.2.4.tgz#553fa9a8fe567b0018cf99be3dafb920bc241a7f"
-  integrity sha512-amuh2IJiyRfO5MV0X/YFlZMD6banjvjAwKdeJiYGUbId608x+oSNwv3vlyW2Gt6AGAgl3EYAuyYLGRX/xU8npQ==
+"@smithy/hash-stream-node@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/hash-stream-node/-/hash-stream-node-4.2.12.tgz#cff200a551bd3f246f8d0aed4309d05873039437"
+  integrity sha512-O3YbmGExeafuM/kP7Y8r6+1y0hIh3/zn6GROx0uNlB54K9oihAL75Qtc+jFfLNliTi6pxOAYZrRKD9A7iA6UFw==
   dependencies:
-    "@smithy/types" "^4.8.1"
-    "@smithy/util-utf8" "^4.2.0"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/invalid-dependency@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/invalid-dependency/-/invalid-dependency-4.0.5.tgz#ed88e209668266b09c4b501f9bd656728b5ece60"
-  integrity sha512-IVnb78Qtf7EJpoEVo7qJ8BEXQwgC4n3igeJNNKEj/MLYtapnx8A67Zt/J3RXAj2xSO1910zk0LdFiygSemuLow==
+"@smithy/invalid-dependency@^4.0.5", "@smithy/invalid-dependency@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/invalid-dependency/-/invalid-dependency-4.2.12.tgz#1a28c13fb33684b91848d4d6ec5104a1c1413e7f"
+  integrity sha512-/4F1zb7Z8LOu1PalTdESFHR0RbPwHd3FcaG1sI3UEIriQTWakysgJr65lc1jj6QY5ye7aFsisajotH6UhWfm/g==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
 "@smithy/is-array-buffer@^2.2.0":
@@ -6799,210 +7101,209 @@
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/is-array-buffer@^4.0.0", "@smithy/is-array-buffer@^4.2.0":
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/@smithy/is-array-buffer/-/is-array-buffer-4.2.0.tgz#b0f874c43887d3ad44f472a0f3f961bcce0550c2"
-  integrity sha512-DZZZBvC7sjcYh4MazJSGiWMI2L7E0oCiRHREDzIxi/M2LY79/21iXt6aPLHge82wi5LsuRF5A06Ds3+0mlh6CQ==
+"@smithy/is-array-buffer@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/is-array-buffer/-/is-array-buffer-4.2.2.tgz#c401ce54b12a16529eb1c938a0b6c2247cb763b8"
+  integrity sha512-n6rQ4N8Jj4YTQO3YFrlgZuwKodf4zUFs7EJIWH86pSCWBaAtAGBFfCM7Wx6D2bBJ2xqFNxGBSrUWswT3M0VJow==
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/md5-js@^4.0.5":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/md5-js/-/md5-js-4.2.4.tgz#e012464383ffde0bd423d38ef9b5caf720ee90eb"
-  integrity sha512-h7kzNWZuMe5bPnZwKxhVbY1gan5+TZ2c9JcVTHCygB14buVGOZxLl+oGfpY2p2Xm48SFqEWdghpvbBdmaz3ncQ==
+"@smithy/md5-js@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/md5-js/-/md5-js-4.2.12.tgz#8f4f0bd4d57eee488bb4dec712f3c4d25ea6f5d7"
+  integrity sha512-W/oIpHCpWU2+iAkfZYyGWE+qkpuf3vEXHLxQQDx9FPNZTTdnul0dZ2d/gUFrtQ5je1G2kp4cjG0/24YueG2LbQ==
   dependencies:
-    "@smithy/types" "^4.8.1"
-    "@smithy/util-utf8" "^4.2.0"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/middleware-content-length@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/middleware-content-length/-/middleware-content-length-4.0.5.tgz#c5d6e47f5a9fbba20433602bec9bffaeeb821ff3"
-  integrity sha512-l1jlNZoYzoCC7p0zCtBDE5OBXZ95yMKlRlftooE5jPWQn4YBPLgsp+oeHp7iMHaTGoUdFqmHOPa8c9G3gBsRpQ==
+"@smithy/middleware-content-length@^4.0.5", "@smithy/middleware-content-length@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/middleware-content-length/-/middleware-content-length-4.2.12.tgz#dec97ea1444b12e734156b764e9953b2b37c70fd"
+  integrity sha512-YE58Yz+cvFInWI/wOTrB+DbvUVz/pLn5mC5MvOV4fdRUc6qGwygyngcucRQjAhiCEbmfLOXX0gntSIcgMvAjmA==
   dependencies:
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/middleware-endpoint@^4.1.18":
-  version "4.1.18"
-  resolved "https://registry.yarnpkg.com/@smithy/middleware-endpoint/-/middleware-endpoint-4.1.18.tgz#81b2f85e3c72b0f1a2d8776e01b0a2968af62c0a"
-  integrity sha512-ZhvqcVRPZxnZlokcPaTwb+r+h4yOIOCJmx0v2d1bpVlmP465g3qpVSf7wxcq5zZdu4jb0H4yIMxuPwDJSQc3MQ==
-  dependencies:
-    "@smithy/core" "^3.8.0"
-    "@smithy/middleware-serde" "^4.0.9"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/shared-ini-file-loader" "^4.0.5"
-    "@smithy/types" "^4.3.2"
-    "@smithy/url-parser" "^4.0.5"
-    "@smithy/util-middleware" "^4.0.5"
+"@smithy/middleware-endpoint@^4.1.18", "@smithy/middleware-endpoint@^4.4.28":
+  version "4.4.28"
+  resolved "https://registry.yarnpkg.com/@smithy/middleware-endpoint/-/middleware-endpoint-4.4.28.tgz#201b568f3669bd816f60a6043d914c134d80f46c"
+  integrity sha512-p1gfYpi91CHcs5cBq982UlGlDrxoYUX6XdHSo91cQ2KFuz6QloHosO7Jc60pJiVmkWrKOV8kFYlGFFbQ2WUKKQ==
+  dependencies:
+    "@smithy/core" "^3.23.13"
+    "@smithy/middleware-serde" "^4.2.16"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
+    "@smithy/url-parser" "^4.2.12"
+    "@smithy/util-middleware" "^4.2.12"
     tslib "^2.6.2"
 
-"@smithy/middleware-retry@^4.1.19":
-  version "4.1.19"
-  resolved "https://registry.yarnpkg.com/@smithy/middleware-retry/-/middleware-retry-4.1.19.tgz#19c013c1a548e1185cc1bfabfab3f498667c9e89"
-  integrity sha512-X58zx/NVECjeuUB6A8HBu4bhx72EoUz+T5jTMIyeNKx2lf+Gs9TmWPNNkH+5QF0COjpInP/xSpJGJ7xEnAklQQ==
-  dependencies:
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/service-error-classification" "^4.0.7"
-    "@smithy/smithy-client" "^4.4.10"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-retry" "^4.0.7"
-    "@types/uuid" "^9.0.1"
+"@smithy/middleware-retry@^4.1.19", "@smithy/middleware-retry@^4.4.46":
+  version "4.4.46"
+  resolved "https://registry.yarnpkg.com/@smithy/middleware-retry/-/middleware-retry-4.4.46.tgz#dbbf0af08c1bd03fe2afa09a6cfb7a9056387ce6"
+  integrity sha512-SpvWNNOPOrKQGUqZbEPO+es+FRXMWvIyzUKUOYdDgdlA6BdZj/R58p4umoQ76c2oJC44PiM7mKizyyex1IJzow==
+  dependencies:
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/service-error-classification" "^4.2.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-retry" "^4.2.13"
+    "@smithy/uuid" "^1.1.2"
     tslib "^2.6.2"
-    uuid "^9.0.1"
 
-"@smithy/middleware-serde@^4.0.9":
-  version "4.0.9"
-  resolved "https://registry.yarnpkg.com/@smithy/middleware-serde/-/middleware-serde-4.0.9.tgz#71213158bb11c1d632829001ca3f233323fb2a7c"
-  integrity sha512-uAFFR4dpeoJPGz8x9mhxp+RPjo5wW0QEEIPPPbLXiRRWeCATf/Km3gKIVR5vaP8bN1kgsPhcEeh+IZvUlBv6Xg==
+"@smithy/middleware-serde@^4.0.9", "@smithy/middleware-serde@^4.2.16":
+  version "4.2.16"
+  resolved "https://registry.yarnpkg.com/@smithy/middleware-serde/-/middleware-serde-4.2.16.tgz#7f259e1e4e43332ad29b53cf3b4d9f14fde690ce"
+  integrity sha512-beqfV+RZ9RSv+sQqor3xroUUYgRFCGRw6niGstPG8zO9LgTl0B0MCucxjmrH/2WwksQN7UUgI7KNANoZv+KALA==
   dependencies:
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
+    "@smithy/core" "^3.23.13"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/middleware-stack@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/middleware-stack/-/middleware-stack-4.0.5.tgz#577050d4c0afe816f1ea85f335b2ef64f73e4328"
-  integrity sha512-/yoHDXZPh3ocRVyeWQFvC44u8seu3eYzZRveCMfgMOBcNKnAmOvjbL9+Cp5XKSIi9iYA9PECUuW2teDAk8T+OQ==
+"@smithy/middleware-stack@^4.0.5", "@smithy/middleware-stack@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/middleware-stack/-/middleware-stack-4.2.12.tgz#96b43b2fab0d4a6723f813f76b72418b0fdb6ba0"
+  integrity sha512-kruC5gRHwsCOuyCd4ouQxYjgRAym2uDlCvQ5acuMtRrcdfg7mFBg6blaxcJ09STpt3ziEkis6bhg1uwrWU7txw==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/node-config-provider@^4.1.4":
-  version "4.1.4"
-  resolved "https://registry.yarnpkg.com/@smithy/node-config-provider/-/node-config-provider-4.1.4.tgz#42f231b7027e5a7ce003fd80180e586fe814944a"
-  integrity sha512-+UDQV/k42jLEPPHSn39l0Bmc4sB1xtdI9Gd47fzo/0PbXzJ7ylgaOByVjF5EeQIumkepnrJyfx86dPa9p47Y+w==
+"@smithy/node-config-provider@^4.1.4", "@smithy/node-config-provider@^4.3.12":
+  version "4.3.12"
+  resolved "https://registry.yarnpkg.com/@smithy/node-config-provider/-/node-config-provider-4.3.12.tgz#bb722da6e2a130ae585754fa7bc8d909f9f5d702"
+  integrity sha512-tr2oKX2xMcO+rBOjobSwVAkV05SIfUKz8iI53rzxEmgW3GOOPOv0UioSDk+J8OpRQnpnhsO3Af6IEBabQBVmiw==
   dependencies:
-    "@smithy/property-provider" "^4.0.5"
-    "@smithy/shared-ini-file-loader" "^4.0.5"
-    "@smithy/types" "^4.3.2"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/shared-ini-file-loader" "^4.4.7"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/node-http-handler@^4.1.1":
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/@smithy/node-http-handler/-/node-http-handler-4.1.1.tgz#dd806d9e08b6e73125040dd0808ab56d16a178e9"
-  integrity sha512-RHnlHqFpoVdjSPPiYy/t40Zovf3BBHc2oemgD7VsVTFFZrU5erFFe0n52OANZZ/5sbshgD93sOh5r6I35Xmpaw==
+"@smithy/node-http-handler@^4.1.1", "@smithy/node-http-handler@^4.5.1":
+  version "4.5.1"
+  resolved "https://registry.yarnpkg.com/@smithy/node-http-handler/-/node-http-handler-4.5.1.tgz#9f05b4478ccfc6db82af37579a36fa48ee8f6067"
+  integrity sha512-ejjxdAXjkPIs9lyYyVutOGNOraqUE9v/NjGMKwwFrfOM354wfSD8lmlj8hVwUzQmlLLF4+udhfCX9Exnbmvfzw==
   dependencies:
-    "@smithy/abort-controller" "^4.0.5"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/querystring-builder" "^4.0.5"
-    "@smithy/types" "^4.3.2"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/querystring-builder" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/property-provider@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/property-provider/-/property-provider-4.0.5.tgz#d3b368b31d5b130f4c30cc0c91f9ebb28d9685fc"
-  integrity sha512-R/bswf59T/n9ZgfgUICAZoWYKBHcsVDurAGX88zsiUtOTA/xUAPyiT+qkNCPwFn43pZqN84M4MiUsbSGQmgFIQ==
+"@smithy/property-provider@^4.0.5", "@smithy/property-provider@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/property-provider/-/property-provider-4.2.12.tgz#e9f8e5ce125413973b16e39c87cf4acd41324e21"
+  integrity sha512-jqve46eYU1v7pZ5BM+fmkbq3DerkSluPr5EhvOcHxygxzD05ByDRppRwRPPpFrsFo5yDtCYLKu+kreHKVrvc7A==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/protocol-http@^5.1.3":
-  version "5.1.3"
-  resolved "https://registry.yarnpkg.com/@smithy/protocol-http/-/protocol-http-5.1.3.tgz#86855b528c0e4cb9fa6fb4ed6ba3cdf5960f88f4"
-  integrity sha512-fCJd2ZR7D22XhDY0l+92pUag/7je2BztPRQ01gU5bMChcyI0rlly7QFibnYHzcxDvccMjlpM/Q1ev8ceRIb48w==
+"@smithy/protocol-http@^5.1.3", "@smithy/protocol-http@^5.3.12":
+  version "5.3.12"
+  resolved "https://registry.yarnpkg.com/@smithy/protocol-http/-/protocol-http-5.3.12.tgz#c913053e7dfbac6cdd7f374f0b4f5aa7c518d0e1"
+  integrity sha512-fit0GZK9I1xoRlR4jXmbLhoN0OdEpa96ul8M65XdmXnxXkuMxM0Y8HDT0Fh0Xb4I85MBvBClOzgSrV1X2s1Hxw==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/querystring-builder@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/querystring-builder/-/querystring-builder-4.0.5.tgz#158ae170f8ec2d8af6b84cdaf774205a7dfacf68"
-  integrity sha512-NJeSCU57piZ56c+/wY+AbAw6rxCCAOZLCIniRE7wqvndqxcKKDOXzwWjrY7wGKEISfhL9gBbAaWWgHsUGedk+A==
+"@smithy/querystring-builder@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/querystring-builder/-/querystring-builder-4.2.12.tgz#20a0266b151a4b58409f901e1463257a72835c16"
+  integrity sha512-6wTZjGABQufekycfDGMEB84BgtdOE/rCVTov+EDXQ8NHKTUNIp/j27IliwP7tjIU9LR+sSzyGBOXjeEtVgzCHg==
   dependencies:
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-uri-escape" "^4.0.0"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-uri-escape" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/querystring-parser@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/querystring-parser/-/querystring-parser-4.0.5.tgz#95706e56aa769f09dc8922d1b19ffaa06946e252"
-  integrity sha512-6SV7md2CzNG/WUeTjVe6Dj8noH32r4MnUeFKZrnVYsQxpGSIcphAanQMayi8jJLZAWm6pdM9ZXvKCpWOsIGg0w==
+"@smithy/querystring-parser@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/querystring-parser/-/querystring-parser-4.2.12.tgz#918cb609b2d606ab81f2727bfde0265d2ebb2758"
+  integrity sha512-P2OdvrgiAKpkPNKlKUtWbNZKB1XjPxM086NeVhK+W+wI46pIKdWBe5QyXvhUm3MEcyS/rkLvY8rZzyUdmyDZBw==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/service-error-classification@^4.0.7":
-  version "4.0.7"
-  resolved "https://registry.yarnpkg.com/@smithy/service-error-classification/-/service-error-classification-4.0.7.tgz#24072198a8c110d29677762162a5096e29eb4862"
-  integrity sha512-XvRHOipqpwNhEjDf2L5gJowZEm5nsxC16pAZOeEcsygdjv9A2jdOh3YoDQvOXBGTsaJk6mNWtzWalOB9976Wlg==
+"@smithy/service-error-classification@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/service-error-classification/-/service-error-classification-4.2.12.tgz#795e9484207acf63817a9e9cf67e90b42e720840"
+  integrity sha512-LlP29oSQN0Tw0b6D0Xo6BIikBswuIiGYbRACy5ujw/JgWSzTdYj46U83ssf6Ux0GyNJVivs2uReU8pt7Eu9okQ==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
 
-"@smithy/shared-ini-file-loader@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-4.0.5.tgz#8d8a493276cd82a7229c755bef8d375256c5ebb9"
-  integrity sha512-YVVwehRDuehgoXdEL4r1tAAzdaDgaC9EQvhK0lEbfnbrd0bd5+CTQumbdPryX3J2shT7ZqQE+jPW4lmNBAB8JQ==
+"@smithy/shared-ini-file-loader@^4.0.5", "@smithy/shared-ini-file-loader@^4.4.7":
+  version "4.4.7"
+  resolved "https://registry.yarnpkg.com/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-4.4.7.tgz#18cc5a21f871509fafbe535a7bf44bde5a500727"
+  integrity sha512-HrOKWsUb+otTeo1HxVWeEb99t5ER1XrBi/xka2Wv6NVmTbuCUC1dvlrksdvxFtODLBjsC+PHK+fuy2x/7Ynyiw==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/signature-v4@^5.1.3":
-  version "5.1.3"
-  resolved "https://registry.yarnpkg.com/@smithy/signature-v4/-/signature-v4-5.1.3.tgz#92a4f6e9ce66730eeb0d996cd0478c5cbaf5b3f5"
-  integrity sha512-mARDSXSEgllNzMw6N+mC+r1AQlEBO3meEAkR/UlfAgnMzJUB3goRBWgip1EAMG99wh36MDqzo86SfIX5Y+VEaw==
-  dependencies:
-    "@smithy/is-array-buffer" "^4.0.0"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-hex-encoding" "^4.0.0"
-    "@smithy/util-middleware" "^4.0.5"
-    "@smithy/util-uri-escape" "^4.0.0"
-    "@smithy/util-utf8" "^4.0.0"
+"@smithy/signature-v4@^5.1.3", "@smithy/signature-v4@^5.3.12":
+  version "5.3.12"
+  resolved "https://registry.yarnpkg.com/@smithy/signature-v4/-/signature-v4-5.3.12.tgz#b61ce40a94bdd91dfdd8f5f2136631c8eb67f253"
+  integrity sha512-B/FBwO3MVOL00DaRSXfXfa/TRXRheagt/q5A2NM13u7q+sHS59EOVGQNfG7DkmVtdQm5m3vOosoKAXSqn/OEgw==
+  dependencies:
+    "@smithy/is-array-buffer" "^4.2.2"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-hex-encoding" "^4.2.2"
+    "@smithy/util-middleware" "^4.2.12"
+    "@smithy/util-uri-escape" "^4.2.2"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/smithy-client@^4.4.10":
-  version "4.4.10"
-  resolved "https://registry.yarnpkg.com/@smithy/smithy-client/-/smithy-client-4.4.10.tgz#c4b49c1d1ff9eb813f88f1e425a5dfac25a03180"
-  integrity sha512-iW6HjXqN0oPtRS0NK/zzZ4zZeGESIFcxj2FkWed3mcK8jdSdHzvnCKXSjvewESKAgGKAbJRA+OsaqKhkdYRbQQ==
-  dependencies:
-    "@smithy/core" "^3.8.0"
-    "@smithy/middleware-endpoint" "^4.1.18"
-    "@smithy/middleware-stack" "^4.0.5"
-    "@smithy/protocol-http" "^5.1.3"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-stream" "^4.2.4"
+"@smithy/smithy-client@^4.12.8", "@smithy/smithy-client@^4.4.10":
+  version "4.12.8"
+  resolved "https://registry.yarnpkg.com/@smithy/smithy-client/-/smithy-client-4.12.8.tgz#b2982fe8b72e44621c139045d991555c07df0e1a"
+  integrity sha512-aJaAX7vHe5i66smoSSID7t4rKY08PbD8EBU7DOloixvhOozfYWdcSYE4l6/tjkZ0vBZhGjheWzB2mh31sLgCMA==
+  dependencies:
+    "@smithy/core" "^3.23.13"
+    "@smithy/middleware-endpoint" "^4.4.28"
+    "@smithy/middleware-stack" "^4.2.12"
+    "@smithy/protocol-http" "^5.3.12"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-stream" "^4.5.21"
     tslib "^2.6.2"
 
-"@smithy/types@^4.3.2", "@smithy/types@^4.8.1":
-  version "4.8.1"
-  resolved "https://registry.yarnpkg.com/@smithy/types/-/types-4.8.1.tgz#0ecad4e329340c8844e38a18c7608d84cc1c853c"
-  integrity sha512-N0Zn0OT1zc+NA+UVfkYqQzviRh5ucWwO7mBV3TmHHprMnfcJNfhlPicDkBHi0ewbh+y3evR6cNAW0Raxvb01NA==
+"@smithy/types@^4.13.1", "@smithy/types@^4.3.2":
+  version "4.13.1"
+  resolved "https://registry.yarnpkg.com/@smithy/types/-/types-4.13.1.tgz#8aaf15bb0f42b4e7c93c87018a3678a06d74691d"
+  integrity sha512-787F3yzE2UiJIQ+wYW1CVg2odHjmaWLGksnKQHUrK/lYZSEcy1msuLVvxaR/sI2/aDe9U+TBuLsXnr3vod1g0g==
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/url-parser@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/url-parser/-/url-parser-4.0.5.tgz#1824a9c108b85322c5a31f345f608d47d06f073a"
-  integrity sha512-j+733Um7f1/DXjYhCbvNXABV53NyCRRA54C7bNEIxNPs0YjfRxeMKjjgm2jvTYrciZyCjsicHwQ6Q0ylo+NAUw==
+"@smithy/url-parser@^4.0.5", "@smithy/url-parser@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/url-parser/-/url-parser-4.2.12.tgz#e940557bf0b8e9a25538a421970f64bd827f456f"
+  integrity sha512-wOPKPEpso+doCZGIlr+e1lVI6+9VAKfL4kZWFgzVgGWY2hZxshNKod4l2LXS3PRC9otH/JRSjtEHqQ/7eLciRA==
   dependencies:
-    "@smithy/querystring-parser" "^4.0.5"
-    "@smithy/types" "^4.3.2"
+    "@smithy/querystring-parser" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-base64@^4.0.0", "@smithy/util-base64@^4.3.0":
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-base64/-/util-base64-4.3.0.tgz#5e287b528793aa7363877c1a02cd880d2e76241d"
-  integrity sha512-GkXZ59JfyxsIwNTWFnjmFEI8kZpRNIBfxKjv09+nkAWPt/4aGaEWMM04m4sxgNVWkbt2MdSvE3KF/PfX4nFedQ==
+"@smithy/util-base64@^4.0.0", "@smithy/util-base64@^4.3.2":
+  version "4.3.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-base64/-/util-base64-4.3.2.tgz#be02bcb29a87be744356467ea25ffa413e695cea"
+  integrity sha512-XRH6b0H/5A3SgblmMa5ErXQ2XKhfbQB+Fm/oyLZ2O2kCUrwgg55bU0RekmzAhuwOjA9qdN5VU2BprOvGGUkOOQ==
   dependencies:
-    "@smithy/util-buffer-from" "^4.2.0"
-    "@smithy/util-utf8" "^4.2.0"
+    "@smithy/util-buffer-from" "^4.2.2"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/util-body-length-browser@^4.0.0":
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-body-length-browser/-/util-body-length-browser-4.0.0.tgz#965d19109a4b1e5fe7a43f813522cce718036ded"
-  integrity sha512-sNi3DL0/k64/LO3A256M+m3CDdG6V7WKWHdAiBBMUN8S3hK3aMPhwnPik2A/a2ONN+9doY9UxaLfgqsIRg69QA==
+"@smithy/util-body-length-browser@^4.0.0", "@smithy/util-body-length-browser@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-body-length-browser/-/util-body-length-browser-4.2.2.tgz#c4404277d22039872abdb80e7800f9a63f263862"
+  integrity sha512-JKCrLNOup3OOgmzeaKQwi4ZCTWlYR5H4Gm1r2uTMVBXoemo1UEghk5vtMi1xSu2ymgKVGW631e2fp9/R610ZjQ==
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/util-body-length-node@^4.0.0":
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-body-length-node/-/util-body-length-node-4.0.0.tgz#3db245f6844a9b1e218e30c93305bfe2ffa473b3"
-  integrity sha512-q0iDP3VsZzqJyje8xJWEJCNIu3lktUGVoSy1KB0UWym2CL1siV3artm+u1DFYTLejpsrdGyCSWBdGNjJzfDPjg==
+"@smithy/util-body-length-node@^4.0.0", "@smithy/util-body-length-node@^4.2.3":
+  version "4.2.3"
+  resolved "https://registry.yarnpkg.com/@smithy/util-body-length-node/-/util-body-length-node-4.2.3.tgz#f923ca530defb86a9ac3ca2d3066bcca7b304fbc"
+  integrity sha512-ZkJGvqBzMHVHE7r/hcuCxlTY8pQr1kMtdsVPs7ex4mMU+EAbcXppfo5NmyxMYi2XU49eqaz56j2gsk4dHHPG/g==
   dependencies:
     tslib "^2.6.2"
 
@@ -7014,96 +7315,95 @@
     "@smithy/is-array-buffer" "^2.2.0"
     tslib "^2.6.2"
 
-"@smithy/util-buffer-from@^4.0.0", "@smithy/util-buffer-from@^4.2.0":
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-buffer-from/-/util-buffer-from-4.2.0.tgz#7abd12c4991b546e7cee24d1e8b4bfaa35c68a9d"
-  integrity sha512-kAY9hTKulTNevM2nlRtxAG2FQ3B2OR6QIrPY3zE5LqJy1oxzmgBGsHLWTcNhWXKchgA0WHW+mZkQrng/pgcCew==
+"@smithy/util-buffer-from@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-buffer-from/-/util-buffer-from-4.2.2.tgz#2c6b7857757dfd88f6cd2d36016179a40ccc913b"
+  integrity sha512-FDXD7cvUoFWwN6vtQfEta540Y/YBe5JneK3SoZg9bThSoOAC/eGeYEua6RkBgKjGa/sz6Y+DuBZj3+YEY21y4Q==
   dependencies:
-    "@smithy/is-array-buffer" "^4.2.0"
+    "@smithy/is-array-buffer" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/util-config-provider@^4.0.0":
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-config-provider/-/util-config-provider-4.0.0.tgz#e0c7c8124c7fba0b696f78f0bd0ccb060997d45e"
-  integrity sha512-L1RBVzLyfE8OXH+1hsJ8p+acNUSirQnWQ6/EgpchV88G6zGBTDPdXiiExei6Z1wR2RxYvxY/XLw6AMNCCt8H3w==
+"@smithy/util-config-provider@^4.0.0", "@smithy/util-config-provider@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-config-provider/-/util-config-provider-4.2.2.tgz#52ebf9d8942838d18bc5fb1520de1e8699d7aad6"
+  integrity sha512-dWU03V3XUprJwaUIFVv4iOnS1FC9HnMHDfUrlNDSh4315v0cWyaIErP8KiqGVbf5z+JupoVpNM7ZB3jFiTejvQ==
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/util-defaults-mode-browser@^4.0.26":
-  version "4.0.26"
-  resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-4.0.26.tgz#fc04cd466bbb0d80e41930af8d6a8c33c48490f2"
-  integrity sha512-xgl75aHIS/3rrGp7iTxQAOELYeyiwBu+eEgAk4xfKwJJ0L8VUjhO2shsDpeil54BOFsqmk5xfdesiewbUY5tKQ==
+"@smithy/util-defaults-mode-browser@^4.0.26", "@smithy/util-defaults-mode-browser@^4.3.44":
+  version "4.3.44"
+  resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-4.3.44.tgz#56c0c69415c7a28aaa65c1407b1c090401a38182"
+  integrity sha512-eZg6XzaCbVr2S5cAErU5eGBDaOVTuTo1I65i4tQcHENRcZ8rMWhQy1DaIYUSLyZjsfXvmCqZrstSMYyGFocvHA==
   dependencies:
-    "@smithy/property-provider" "^4.0.5"
-    "@smithy/smithy-client" "^4.4.10"
-    "@smithy/types" "^4.3.2"
-    bowser "^2.11.0"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-defaults-mode-node@^4.0.26":
-  version "4.0.26"
-  resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-4.0.26.tgz#adfee8c54301ec4cbabed58cd604995a81b4a8dc"
-  integrity sha512-z81yyIkGiLLYVDetKTUeCZQ8x20EEzvQjrqJtb/mXnevLq2+w3XCEWTJ2pMp401b6BkEkHVfXb/cROBpVauLMQ==
-  dependencies:
-    "@smithy/config-resolver" "^4.1.5"
-    "@smithy/credential-provider-imds" "^4.0.7"
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/property-provider" "^4.0.5"
-    "@smithy/smithy-client" "^4.4.10"
-    "@smithy/types" "^4.3.2"
+"@smithy/util-defaults-mode-node@^4.0.26", "@smithy/util-defaults-mode-node@^4.2.48":
+  version "4.2.48"
+  resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-4.2.48.tgz#8ee63e2ea706bd111104e8f3796d858cc186625f"
+  integrity sha512-FqOKTlqSaoV3nzO55pMs5NBnZX8EhoI0DGmn9kbYeXWppgHD6dchyuj2HLqp4INJDJbSrj6OFYJkAh/WhSzZPg==
+  dependencies:
+    "@smithy/config-resolver" "^4.4.13"
+    "@smithy/credential-provider-imds" "^4.2.12"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/property-provider" "^4.2.12"
+    "@smithy/smithy-client" "^4.12.8"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-endpoints@^3.0.7":
-  version "3.0.7"
-  resolved "https://registry.yarnpkg.com/@smithy/util-endpoints/-/util-endpoints-3.0.7.tgz#9d52f2e7e7a1ea4814ae284270a5f1d3930b3773"
-  integrity sha512-klGBP+RpBp6V5JbrY2C/VKnHXn3d5V2YrifZbmMY8os7M6m8wdYFoO6w/fe5VkP+YVwrEktW3IWYaSQVNZJ8oQ==
+"@smithy/util-endpoints@^3.0.7", "@smithy/util-endpoints@^3.3.3":
+  version "3.3.3"
+  resolved "https://registry.yarnpkg.com/@smithy/util-endpoints/-/util-endpoints-3.3.3.tgz#0119f15bcac30b3b9af1d3cc0a8477e7199d0185"
+  integrity sha512-VACQVe50j0HZPjpwWcjyT51KUQ4AnsvEaQ2lKHOSL4mNLD0G9BjEniQ+yCt1qqfKfiAHRAts26ud7hBjamrwig==
   dependencies:
-    "@smithy/node-config-provider" "^4.1.4"
-    "@smithy/types" "^4.3.2"
+    "@smithy/node-config-provider" "^4.3.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-hex-encoding@^4.0.0", "@smithy/util-hex-encoding@^4.2.0":
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-hex-encoding/-/util-hex-encoding-4.2.0.tgz#1c22ea3d1e2c3a81ff81c0a4f9c056a175068a7b"
-  integrity sha512-CCQBwJIvXMLKxVbO88IukazJD9a4kQ9ZN7/UMGBjBcJYvatpWk+9g870El4cB8/EJxfe+k+y0GmR9CAzkF+Nbw==
+"@smithy/util-hex-encoding@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-hex-encoding/-/util-hex-encoding-4.2.2.tgz#4abf3335dd1eb884041d8589ca7628d81a6fd1d3"
+  integrity sha512-Qcz3W5vuHK4sLQdyT93k/rfrUwdJ8/HZ+nMUOyGdpeGA1Wxt65zYwi3oEl9kOM+RswvYq90fzkNDahPS8K0OIg==
   dependencies:
     tslib "^2.6.2"
 
-"@smithy/util-middleware@^4.0.5":
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/@smithy/util-middleware/-/util-middleware-4.0.5.tgz#405caf2a66e175ce8ca6c747fa1245b3f5386879"
-  integrity sha512-N40PfqsZHRSsByGB81HhSo+uvMxEHT+9e255S53pfBw/wI6WKDI7Jw9oyu5tJTLwZzV5DsMha3ji8jk9dsHmQQ==
+"@smithy/util-middleware@^4.0.5", "@smithy/util-middleware@^4.2.12":
+  version "4.2.12"
+  resolved "https://registry.yarnpkg.com/@smithy/util-middleware/-/util-middleware-4.2.12.tgz#d6cb837c2390375e2b6957e7f917350ca4bd8757"
+  integrity sha512-Er805uFUOvgc0l8nv0e0su0VFISoxhJ/AwOn3gL2NWNY2LUEldP5WtVcRYSQBcjg0y9NfG8JYrCJaYDpupBHJQ==
   dependencies:
-    "@smithy/types" "^4.3.2"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-retry@^4.0.7":
-  version "4.0.7"
-  resolved "https://registry.yarnpkg.com/@smithy/util-retry/-/util-retry-4.0.7.tgz#3169450193e917da170a87557fcbdfe0faa86779"
-  integrity sha512-TTO6rt0ppK70alZpkjwy+3nQlTiqNfoXja+qwuAchIEAIoSZW8Qyd76dvBv3I5bCpE38APafG23Y/u270NspiQ==
+"@smithy/util-retry@^4.0.7", "@smithy/util-retry@^4.2.13":
+  version "4.2.13"
+  resolved "https://registry.yarnpkg.com/@smithy/util-retry/-/util-retry-4.2.13.tgz#ad816d6ddf197095d188e9ef56664fbd392a39c9"
+  integrity sha512-qQQsIvL0MGIbUjeSrg0/VlQ3jGNKyM3/2iU3FPNgy01z+Sp4OvcaxbgIoFOTvB61ZoohtutuOvOcgmhbD0katQ==
   dependencies:
-    "@smithy/service-error-classification" "^4.0.7"
-    "@smithy/types" "^4.3.2"
+    "@smithy/service-error-classification" "^4.2.12"
+    "@smithy/types" "^4.13.1"
     tslib "^2.6.2"
 
-"@smithy/util-stream@^4.2.4":
-  version "4.2.4"
-  resolved "https://registry.yarnpkg.com/@smithy/util-stream/-/util-stream-4.2.4.tgz#fa9f0e2fd5a8a5adbd013066b475ea8f9d4f900f"
-  integrity sha512-vSKnvNZX2BXzl0U2RgCLOwWaAP9x/ddd/XobPK02pCbzRm5s55M53uwb1rl/Ts7RXZvdJZerPkA+en2FDghLuQ==
-  dependencies:
-    "@smithy/fetch-http-handler" "^5.1.1"
-    "@smithy/node-http-handler" "^4.1.1"
-    "@smithy/types" "^4.3.2"
-    "@smithy/util-base64" "^4.0.0"
-    "@smithy/util-buffer-from" "^4.0.0"
-    "@smithy/util-hex-encoding" "^4.0.0"
-    "@smithy/util-utf8" "^4.0.0"
+"@smithy/util-stream@^4.2.4", "@smithy/util-stream@^4.5.21":
+  version "4.5.21"
+  resolved "https://registry.yarnpkg.com/@smithy/util-stream/-/util-stream-4.5.21.tgz#a9ea13d0299d030c72ab4b4e394db111cd581629"
+  integrity sha512-KzSg+7KKywLnkoKejRtIBXDmwBfjGvg1U1i/etkC7XSWUyFCoLno1IohV2c74IzQqdhX5y3uE44r/8/wuK+A7Q==
+  dependencies:
+    "@smithy/fetch-http-handler" "^5.3.15"
+    "@smithy/node-http-handler" "^4.5.1"
+    "@smithy/types" "^4.13.1"
+    "@smithy/util-base64" "^4.3.2"
+    "@smithy/util-buffer-from" "^4.2.2"
+    "@smithy/util-hex-encoding" "^4.2.2"
+    "@smithy/util-utf8" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/util-uri-escape@^4.0.0":
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-uri-escape/-/util-uri-escape-4.0.0.tgz#a96c160c76f3552458a44d8081fade519d214737"
-  integrity sha512-77yfbCbQMtgtTylO9itEAdpPXSog3ZxMe09AEhm0dU0NLTalV70ghDZFR+Nfi1C60jnJoh/Re4090/DuZh2Omg==
+"@smithy/util-uri-escape@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-uri-escape/-/util-uri-escape-4.2.2.tgz#48e40206e7fe9daefc8d44bb43a1ab17e76abf4a"
+  integrity sha512-2kAStBlvq+lTXHyAZYfJRb/DfS3rsinLiwb+69SstC9Vb0s9vNWkRwpnj918Pfi85mzi42sOqdV72OLxWAISnw==
   dependencies:
     tslib "^2.6.2"
 
@@ -7115,21 +7415,27 @@
     "@smithy/util-buffer-from" "^2.2.0"
     tslib "^2.6.2"
 
-"@smithy/util-utf8@^4.0.0", "@smithy/util-utf8@^4.2.0":
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/@smithy/util-utf8/-/util-utf8-4.2.0.tgz#8b19d1514f621c44a3a68151f3d43e51087fed9d"
-  integrity sha512-zBPfuzoI8xyBtR2P6WQj63Rz8i3AmfAaJLuNG8dWsfvPe8lO4aCPYLn879mEgHndZH1zQ2oXmG8O1GGzzaoZiw==
+"@smithy/util-utf8@^4.0.0", "@smithy/util-utf8@^4.2.2":
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/@smithy/util-utf8/-/util-utf8-4.2.2.tgz#21db686982e6f3393ac262e49143b42370130f13"
+  integrity sha512-75MeYpjdWRe8M5E3AW0O4Cx3UadweS+cwdXjwYGBW5h/gxxnbeZ877sLPX/ZJA9GVTlL/qG0dXP29JWFCD1Ayw==
   dependencies:
-    "@smithy/util-buffer-from" "^4.2.0"
+    "@smithy/util-buffer-from" "^4.2.2"
     tslib "^2.6.2"
 
-"@smithy/util-waiter@^4.0.7":
-  version "4.0.7"
-  resolved "https://registry.yarnpkg.com/@smithy/util-waiter/-/util-waiter-4.0.7.tgz#c013cf6a5918c21f8b430b4a825dbac132163f4a"
-  integrity sha512-mYqtQXPmrwvUljaHyGxYUIIRI3qjBTEb/f5QFi3A6VlxhpmZd5mWXn9W+qUkf2pVE1Hv3SqxefiZOPGdxmO64A==
+"@smithy/util-waiter@^4.0.7", "@smithy/util-waiter@^4.2.14":
+  version "4.2.14"
+  resolved "https://registry.yarnpkg.com/@smithy/util-waiter/-/util-waiter-4.2.14.tgz#73dc3602371ea7e48dd7adae1b97b4825e3fb922"
+  integrity sha512-2zqq5o/oizvMaFUlNiTyZ7dbgYv1a893aGut2uaxtbzTx/VYYnRxWzDHuD/ftgcw94ffenua+ZNLrbqwUYE+Bg==
+  dependencies:
+    "@smithy/types" "^4.13.1"
+    tslib "^2.6.2"
+
+"@smithy/uuid@^1.1.2":
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/@smithy/uuid/-/uuid-1.1.2.tgz#b6e97c7158615e4a3c775e809c00d8c269b5a12e"
+  integrity sha512-O/IEdcCUKkubz60tFbGA7ceITTAJsty+lBjNoorP4Z6XRqaFb/OjQjZODophEcuq68nKm6/0r+6/lLQ+XVpk8g==
   dependencies:
-    "@smithy/abort-controller" "^4.0.5"
-    "@smithy/types" "^4.3.2"
     tslib "^2.6.2"
 
 "@socket.io/component-emitter@~3.1.0":
@@ -20461,6 +20767,13 @@ fast-uri@^3.0.1:
   resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.0.6.tgz#88f130b77cfaea2378d56bf970dea21257a68748"
   integrity sha512-Atfo14OibSv5wAp4VWNsFYE1AchQRTv9cBGWET4pZWHzYshFSS9NQI6I57rdKn9croWVMbYFbLhJ+yJvmZIIHw==
 
+fast-xml-builder@^1.1.4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/fast-xml-builder/-/fast-xml-builder-1.1.4.tgz#0c407a1d9d5996336c0cd76f7ff785cac6413017"
+  integrity sha512-f2jhpN4Eccy0/Uz9csxh3Nu6q4ErKxf0XIsasomfOihuSUa3/xw6w8dnOtCDgEItQFJG8KyXPzQXzcODDrrbOg==
+  dependencies:
+    path-expression-matcher "^1.1.3"
+
 fast-xml-parser@5.2.5:
   version "5.2.5"
   resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.2.5.tgz#4809fdfb1310494e341098c25cb1341a01a9144a"
@@ -20468,6 +20781,15 @@ fast-xml-parser@5.2.5:
   dependencies:
     strnum "^2.1.0"
 
+fast-xml-parser@5.5.8:
+  version "5.5.8"
+  resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.5.8.tgz#929571ed8c5eb96e6d9bd572ba14fc4b84875716"
+  integrity sha512-Z7Fh2nVQSb2d+poDViM063ix2ZGt9jmY1nWhPfHBOK2Hgnb/OW3P4Et3P/81SEej0J7QbWtJqxO05h8QYfK7LQ==
+  dependencies:
+    fast-xml-builder "^1.1.4"
+    path-expression-matcher "^1.2.0"
+    strnum "^2.2.0"
+
 fastboot-transform@^0.1.2, fastboot-transform@^0.1.3:
   version "0.1.3"
   resolved "https://registry.yarnpkg.com/fastboot-transform/-/fastboot-transform-0.1.3.tgz#7dea0b117594afd8772baa6c9b0919644e7f7dcd"
@@ -28341,6 +28663,11 @@ path-exists@^5.0.0:
   resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-5.0.0.tgz#a6aad9489200b21fab31e49cf09277e5116fb9e7"
   integrity sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ==
 
+path-expression-matcher@^1.1.3, path-expression-matcher@^1.2.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/path-expression-matcher/-/path-expression-matcher-1.2.1.tgz#04de63e98dcef3e07af8b12a41055466f200e291"
+  integrity sha512-d7gQQmLvAKXKXE2GeP9apIGbMYKz88zWdsn/BN2HRWVQsDFdUY36WSLTY0Jvd4HWi7Fb30gQ62oAOzdgJA6fZw==
+
 path-is-absolute@1.0.1, path-is-absolute@^1.0.0, path-is-absolute@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
@@ -33036,10 +33363,10 @@ stripe@8.222.0:
     "@types/node" ">=8.1.0"
     qs "^6.10.3"
 
-strnum@^2.1.0:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.1.1.tgz#cf2a6e0cf903728b8b2c4b971b7e36b4e82d46ab"
-  integrity sha512-7ZvoFTiCnGxBtDqJ//Cu6fWtZtc7Y3x+QOirG15wztbdngGSkht27o2pyGWrVy0b4WAy3jbKmnoK6g5VlVNUUw==
+strnum@^2.1.0, strnum@^2.2.0:
+  version "2.2.2"
+  resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.2.2.tgz#f11fd94ab62b536ba2ecc615858f3747c2881b3f"
+  integrity sha512-DnR90I+jtXNSTXWdwrEy9FakW7UX+qUZg28gj5fk2vxxl7uS/3bpI4fjFYVmdK9etptYBPNkpahuQnEwhwECqA==
 
 strtok3@^6.2.4:
   version "6.3.0"
@@ -34876,7 +35203,7 @@ uuid@^8.3.1, uuid@^8.3.2:
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2"
   integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
 
-uuid@^9.0.0, uuid@^9.0.1:
+uuid@^9.0.0:
   version "9.0.1"
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-9.0.1.tgz#e188d4c8853cc722220392c424cd637f32293f30"
   integrity sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==

From 8dd96e617bec17d91e9b710f21528f8fad75fd0d Mon Sep 17 00:00:00 2001
From: Hannah Wolfe <github.erisds@gmail.com>
Date: Mon, 6 Apr 2026 09:18:33 +0100
Subject: [PATCH 02/12] Fixed flaky timezone unit test that spawned a
 subprocess

ref 554eb8a8ef

The test spawned a child process to set TZ=America/New_York, which
intermittently timed out on CI (2s mocha default). Since modern
Node.js picks up process.env.TZ changes mid-process, this should
allow the timezone to be set in-process instead, avoiding the
subprocess and its flaky timeout.
---
 .../data/seeders/data-generator.test.js       | 27 +++++++++----------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/ghost/core/test/unit/server/data/seeders/data-generator.test.js b/ghost/core/test/unit/server/data/seeders/data-generator.test.js
index 7c853863e9a..6f85fe1fbba 100644
--- a/ghost/core/test/unit/server/data/seeders/data-generator.test.js
+++ b/ghost/core/test/unit/server/data/seeders/data-generator.test.js
@@ -1,5 +1,4 @@
 const assert = require('node:assert/strict');
-const {spawnSync} = require('node:child_process');
 
 const knex = require('knex').default;
 
@@ -256,20 +255,18 @@ describe('Importer', function () {
 
 describe('Events Generator', function () {
     it('Parses database timestamps as UTC in non-UTC timezones', function () {
-        const script = `
-            const dateToDatabaseString = require(${JSON.stringify(require.resolve('../../../../../core/server/data/seeders/utils/database-date'))});
-            process.stdout.write(dateToDatabaseString.parse('2026-03-26 11:50:00.000').toISOString());
-        `;
-        const result = spawnSync(process.execPath, ['-e', script], {
-            env: {
-                ...process.env,
-                TZ: 'America/New_York'
-            },
-            encoding: 'utf8'
-        });
-
-        assert.equal(result.status, 0);
-        assert.equal(result.stdout, '2026-03-26T11:50:00.000Z');
+        const originalTZ = process.env.TZ;
+        try {
+            process.env.TZ = 'America/New_York';
+            const result = dateToDatabaseString.parse('2026-03-26 11:50:00.000');
+            assert.equal(result.toISOString(), '2026-03-26T11:50:00.000Z');
+        } finally {
+            if (originalTZ === undefined) {
+                delete process.env.TZ;
+            } else {
+                process.env.TZ = originalTZ;
+            }
+        }
     });
 
     it('Returns the start date when a range is inverted', function () {

From 7a6c22091148595217e82088e3d1cc31114d9e8a Mon Sep 17 00:00:00 2001
From: Sag <guptazy@gmail.com>
Date: Mon, 6 Apr 2026 11:41:48 +0200
Subject: [PATCH 03/12] Added gifts database table (#26995)

closes https://linear.app/ghost/issue/BER-3502
ref https://linear.app/ghost/project/gift-subscriptions-b7184e4f8972

Adding a new table in the context of the gift subscriptions project, to
store gift data (buyer info, redeemer info, gift
amount/currency/duration, etc.)
---
 .../core/server/data/exporter/table-lists.js  |  3 +-
 .../2026-04-06-07-48-06-add-gifts-table.js    | 31 ++++++++++++++++
 ghost/core/core/server/data/schema/schema.js  | 37 +++++++++++++++++++
 .../integration/exporter/exporter.test.js     |  4 +-
 .../unit/server/data/schema/integrity.test.js |  2 +-
 5 files changed, 74 insertions(+), 3 deletions(-)
 create mode 100644 ghost/core/core/server/data/migrations/versions/6.27/2026-04-06-07-48-06-add-gifts-table.js

diff --git a/ghost/core/core/server/data/exporter/table-lists.js b/ghost/core/core/server/data/exporter/table-lists.js
index cb79d54497a..00af696410a 100644
--- a/ghost/core/core/server/data/exporter/table-lists.js
+++ b/ghost/core/core/server/data/exporter/table-lists.js
@@ -57,7 +57,8 @@ const BACKUP_TABLES = [
     'recommendations',
     'recommendation_click_events',
     'recommendation_subscribe_events',
-    'outbox'
+    'outbox',
+    'gifts'
 ];
 
 // NOTE: exposing only tables which are going to be included in a "default" export file
diff --git a/ghost/core/core/server/data/migrations/versions/6.27/2026-04-06-07-48-06-add-gifts-table.js b/ghost/core/core/server/data/migrations/versions/6.27/2026-04-06-07-48-06-add-gifts-table.js
new file mode 100644
index 00000000000..53d3cde5c37
--- /dev/null
+++ b/ghost/core/core/server/data/migrations/versions/6.27/2026-04-06-07-48-06-add-gifts-table.js
@@ -0,0 +1,31 @@
+const {addTable} = require('../../utils');
+
+module.exports = addTable('gifts', {
+    id: {type: 'string', maxlength: 24, nullable: false, primary: true},
+    token: {type: 'string', maxlength: 48, nullable: false, unique: true},
+
+    buyer_email: {type: 'string', maxlength: 191, nullable: false},
+    buyer_member_id: {type: 'string', maxlength: 24, nullable: true, unique: false, references: 'members.id', setNullDelete: true},
+
+    redeemer_member_id: {type: 'string', maxlength: 24, nullable: true, unique: false, references: 'members.id', setNullDelete: true},
+
+    tier_id: {type: 'string', maxlength: 24, nullable: false, unique: false, references: 'products.id'},
+    cadence: {type: 'string', maxlength: 50, nullable: false},
+    duration: {type: 'integer', nullable: false, unsigned: true},
+
+    currency: {type: 'string', maxlength: 50, nullable: false},
+    amount: {type: 'integer', nullable: false, unsigned: true},
+
+    stripe_checkout_session_id: {type: 'string', maxlength: 255, nullable: false, unique: true},
+    stripe_payment_intent_id: {type: 'string', maxlength: 255, nullable: false, unique: true},
+
+    consumes_at: {type: 'dateTime', nullable: true},
+    expires_at: {type: 'dateTime', nullable: true},
+
+    status: {type: 'string', maxlength: 50, nullable: false},
+    purchased_at: {type: 'dateTime', nullable: false},
+    redeemed_at: {type: 'dateTime', nullable: true},
+    consumed_at: {type: 'dateTime', nullable: true},
+    expired_at: {type: 'dateTime', nullable: true},
+    refunded_at: {type: 'dateTime', nullable: true}
+});
diff --git a/ghost/core/core/server/data/schema/schema.js b/ghost/core/core/server/data/schema/schema.js
index 8fd74f64ca0..aa88739d5e8 100644
--- a/ghost/core/core/server/data/schema/schema.js
+++ b/ghost/core/core/server/data/schema/schema.js
@@ -1194,5 +1194,42 @@ module.exports = {
         member_name: {type: 'string', maxlength: 191, nullable: true},
         created_at: {type: 'dateTime', nullable: false},
         updated_at: {type: 'dateTime', nullable: true}
+    },
+    gifts: {
+        id: {type: 'string', maxlength: 24, nullable: false, primary: true},
+        token: {type: 'string', maxlength: 48, nullable: false, unique: true},
+
+        buyer_email: {type: 'string', maxlength: 191, nullable: false, validations: {isEmail: true}},
+        buyer_member_id: {type: 'string', maxlength: 24, nullable: true, unique: false, references: 'members.id', setNullDelete: true},
+
+        redeemer_member_id: {type: 'string', maxlength: 24, nullable: true, unique: false, references: 'members.id', setNullDelete: true},
+
+        tier_id: {type: 'string', maxlength: 24, nullable: false, unique: false, references: 'products.id'},
+        cadence: {
+            type: 'string', maxlength: 50, nullable: false, validations: {
+                isIn: [['month', 'year']]
+            }
+        },
+        duration: {type: 'integer', nullable: false, unsigned: true},
+
+        currency: {type: 'string', maxlength: 50, nullable: false},
+        amount: {type: 'integer', nullable: false, unsigned: true},
+
+        stripe_checkout_session_id: {type: 'string', maxlength: 255, nullable: false, unique: true},
+        stripe_payment_intent_id: {type: 'string', maxlength: 255, nullable: false, unique: true},
+
+        consumes_at: {type: 'dateTime', nullable: true},
+        expires_at: {type: 'dateTime', nullable: true},
+
+        status: {
+            type: 'string', maxlength: 50, nullable: false, validations: {
+                isIn: [['purchased', 'redeemed', 'consumed', 'expired', 'refunded']]
+            }
+        },
+        purchased_at: {type: 'dateTime', nullable: false},
+        redeemed_at: {type: 'dateTime', nullable: true},
+        consumed_at: {type: 'dateTime', nullable: true},
+        expired_at: {type: 'dateTime', nullable: true},
+        refunded_at: {type: 'dateTime', nullable: true}
     }
 };
diff --git a/ghost/core/test/integration/exporter/exporter.test.js b/ghost/core/test/integration/exporter/exporter.test.js
index a467f575be1..da134343d0c 100644
--- a/ghost/core/test/integration/exporter/exporter.test.js
+++ b/ghost/core/test/integration/exporter/exporter.test.js
@@ -42,6 +42,7 @@ describe('Exporter', function () {
                 'email_recipients',
                 'email_spam_complaint_events',
                 'emails',
+                'gifts',
                 'integrations',
                 'invites',
                 'jobs',
@@ -133,7 +134,8 @@ describe('Exporter', function () {
                 'members_status_events',
                 'members_paid_subscription_events',
                 'members_subscribe_events',
-                'outbox'
+                'outbox',
+                'gifts'
             ];
 
             excludedTables.forEach((tableName) => {
diff --git a/ghost/core/test/unit/server/data/schema/integrity.test.js b/ghost/core/test/unit/server/data/schema/integrity.test.js
index d0a091098f7..9c4d3488ae9 100644
--- a/ghost/core/test/unit/server/data/schema/integrity.test.js
+++ b/ghost/core/test/unit/server/data/schema/integrity.test.js
@@ -35,7 +35,7 @@ const validateRouteSettings = require('../../../../../core/server/services/route
  */
 describe('DB version integrity', function () {
     // Only these variables should need updating
-    const currentSchemaHash = '3371efe39a471bf7c67cf23c29790c8b';
+    const currentSchemaHash = '6c63467aae47d05d9a67e695905f08d4';
     const currentFixturesHash = '2f86ab1e3820e86465f9ad738dd0ee93';
     const currentSettingsHash = 'a102b80d2ab0cd92325ed007c94d7da6';
     const currentRoutesHash = '3d180d52c663d173a6be791ef411ed01';

From 0123e5cdc6be993246ca4761e32b016a0d7dc7af Mon Sep 17 00:00:00 2001
From: Michael Barrett <mike@ghost.org>
Date: Mon, 6 Apr 2026 11:02:20 +0100
Subject: [PATCH 04/12] Wired up gift subscription checkout end-to-end (#27080)

ref https://linear.app/ghost/issue/BER-3484

Wired up the gift subscription checkout end-to-end
---
 apps/portal/package.json                      |   2 +-
 apps/portal/src/actions.js                    |  19 ++
 apps/portal/src/components/pages/gift-page.js |  40 ++--
 apps/portal/src/utils/api.js                  |  54 +++++
 apps/portal/test/actions.test.ts              |  44 ++++
 .../controllers/router-controller.js          |  72 +++++-
 .../members-api/services/payments-service.js  |  56 +++++
 .../core/server/services/stripe/stripe-api.js |  55 +++++
 .../controllers/router-controller.test.js     | 137 +++++++++++
 .../services/payments-service.test.js         | 148 ++++++++++++
 .../server/services/stripe/stripe-api.test.js | 223 ++++++++++++++++++
 11 files changed, 834 insertions(+), 16 deletions(-)

diff --git a/apps/portal/package.json b/apps/portal/package.json
index 40b04a7e5b8..735345d9c7b 100644
--- a/apps/portal/package.json
+++ b/apps/portal/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/portal",
-  "version": "2.67.6",
+  "version": "2.67.7",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
diff --git a/apps/portal/src/actions.js b/apps/portal/src/actions.js
index 43a6af14156..46d9e6b79a6 100644
--- a/apps/portal/src/actions.js
+++ b/apps/portal/src/actions.js
@@ -223,6 +223,24 @@ async function checkoutPlan({data, state, api}) {
     }
 }
 
+async function checkoutGift({data, state, api}) {
+    try {
+        const {tierId, cadence, email} = data;
+        await api.member.checkoutGift({tierId, cadence, email});
+        return {
+            action: 'checkoutGift:success'
+        };
+    } catch (e) {
+        return {
+            action: 'checkoutGift:failed',
+            popupNotification: createPopupNotification({
+                type: 'checkoutGift:failed', autoHide: false, closeable: true, state, status: 'error',
+                message: t('Failed to process checkout, please try again')
+            })
+        };
+    }
+}
+
 async function updateSubscription({data, state, api}) {
     try {
         const {plan, planId, subscriptionId, cancelAtPeriodEnd} = data;
@@ -678,6 +696,7 @@ const Actions = {
     editBilling,
     manageBilling,
     checkoutPlan,
+    checkoutGift,
     updateNewsletterPreference,
     showPopupNotification,
     removeEmailFromSuppressionList,
diff --git a/apps/portal/src/components/pages/gift-page.js b/apps/portal/src/components/pages/gift-page.js
index ba25f50ef9c..3cbc041a0ae 100644
--- a/apps/portal/src/components/pages/gift-page.js
+++ b/apps/portal/src/components/pages/gift-page.js
@@ -3,6 +3,7 @@ import AppContext from '../../app-context';
 import CloseButton from '../common/close-button';
 import SiteTitleBackButton from '../common/site-title-back-button';
 import InputForm from '../common/input-form';
+import ActionButton from '../common/action-button';
 import LoadingPage from './loading-page';
 import {ReactComponent as CheckmarkIcon} from '../../images/icons/checkmark.svg';
 import {getAvailableProducts, getCurrencySymbol, formatNumber, getStripeAmount, isCookiesDisabled, getActiveInterval} from '../../utils/helpers';
@@ -61,7 +62,7 @@ function GiftProductCardPrice({product, selectedInterval}) {
     );
 }
 
-function GiftProductCard({product, selectedInterval, onPurchase, disabled}) {
+function GiftProductCard({brandColor, product, selectedInterval, isDisabled, isPurchasing, onPurchase}) {
     let productDescription = product.description;
 
     if ((!product.benefits || !product.benefits.length) && !productDescription) {
@@ -84,14 +85,15 @@ function GiftProductCard({product, selectedInterval, onPurchase, disabled}) {
                     <GiftProductCardBenefits product={product} />
                 </div>
                 <div className='gh-portal-btn-product'>
-                    <button
-                        data-test-button='purchase-gift'
-                        className='gh-portal-btn'
-                        disabled={disabled}
-                        onClick={onPurchase}
-                    >
-                        Purchase gift
-                    </button>
+                    <ActionButton
+                        dataTestId='purchase-gift'
+                        label='Purchase gift'
+                        onClick={e => onPurchase(e, product)}
+                        disabled={isDisabled}
+                        isRunning={isPurchasing}
+                        brandColor={brandColor}
+                        style={{width: '100%'}}
+                    />
                 </div>
             </div>
         </div>
@@ -132,10 +134,11 @@ function GiftPriceSwitch({selectedInterval, setSelectedInterval, products}) {
 }
 
 const GiftPage = () => {
-    const {site, member} = useContext(AppContext);
+    const {site, member, brandColor, action, doAction} = useContext(AppContext);
     const [email, setEmail] = useState(member?.email || '');
     const [emailError, setEmailError] = useState('');
     const [selectedInterval, setSelectedInterval] = useState(null);
+    const [selectedProduct, setSelectedProduct] = useState(null);
 
     if (!site) {
         return <LoadingPage />;
@@ -176,7 +179,8 @@ const GiftPage = () => {
 
     const siteIcon = site.icon;
     const siteTitle = site.title || '';
-    const disabled = isCookiesDisabled();
+    const isPurchasing = action === 'checkoutGift:running';
+    const isDisabled = isCookiesDisabled() || isPurchasing;
 
     const emailField = [{
         type: 'email',
@@ -190,7 +194,7 @@ const GiftPage = () => {
         errorMessage: emailError
     }];
 
-    const handlePurchase = (e) => {
+    const handlePurchase = (e, product) => {
         e.preventDefault();
 
         const errors = ValidateInputForm({fields: emailField});
@@ -201,7 +205,13 @@ const GiftPage = () => {
         }
 
         setEmailError('');
-        // TODO: implement gift checkout using priceId and email
+        setSelectedProduct(product.id);
+
+        doAction('checkoutGift', {
+            tierId: product.id,
+            cadence: activeInterval,
+            email
+        });
     };
 
     return (
@@ -243,10 +253,12 @@ const GiftPage = () => {
                                 {products.map(product => (
                                     <GiftProductCard
                                         key={product.id}
+                                        brandColor={brandColor}
                                         product={product}
                                         selectedInterval={activeInterval}
+                                        isDisabled={isDisabled}
+                                        isPurchasing={isPurchasing && selectedProduct === product.id}
                                         onPurchase={handlePurchase}
-                                        disabled={disabled}
                                     />
                                 ))}
                             </div>
diff --git a/apps/portal/src/utils/api.js b/apps/portal/src/utils/api.js
index 2c57f01e47e..2890c78bbac 100644
--- a/apps/portal/src/utils/api.js
+++ b/apps/portal/src/utils/api.js
@@ -509,6 +509,60 @@ function setupGhostApi({siteUrl = window.location.origin, apiUrl, apiKey}) {
             });
         },
 
+        async checkoutGift({tierId, cadence, email: customerEmail} = {}) {
+            const url = endpointFor({type: 'members', resource: 'create-stripe-checkout-session'});
+
+            let identity = null;
+            try {
+                identity = await api.member.identity();
+            } catch (e) {
+                // Not authenticated - that's fine for gift purchases
+            }
+
+            const body = {
+                identity,
+                metadata: {
+                    requestSrc: 'portal'
+                },
+                type: 'gift',
+                tierId,
+                cadence,
+                customerEmail
+            };
+
+            const response = await makeRequest({
+                url,
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify(body)
+            });
+
+            let responseJson = {};
+            try {
+                responseJson = await response.json();
+            } catch (e) {
+                // response may not be JSON (e.g. HTML error page from proxy)
+            }
+
+            if (!response.ok) {
+                const error = responseJson?.errors?.[0];
+
+                if (error) {
+                    throw error;
+                }
+
+                throw new Error('Failed to process gift checkout, please try again.');
+            }
+
+            if (responseJson.url) {
+                return window.location.assign(responseJson.url);
+            }
+
+            throw new Error('Failed to process gift checkout, please try again.');
+        },
+
         async checkoutDonation({successUrl, cancelUrl, metadata = {}, personalNote = ''} = {}) {
             const identity = await api.member.identity();
             const url = endpointFor({type: 'members', resource: 'create-stripe-checkout-session'});
diff --git a/apps/portal/test/actions.test.ts b/apps/portal/test/actions.test.ts
index 3ea51468957..d246826f8a3 100644
--- a/apps/portal/test/actions.test.ts
+++ b/apps/portal/test/actions.test.ts
@@ -343,3 +343,47 @@ describe('verifyOTC action', () => {
         });
     });
 });
+
+describe('checkoutGift action', () => {
+    test('calls api.member.checkoutGift with correct data', async () => {
+        const mockApi = {
+            member: {
+                checkoutGift: vi.fn(() => Promise.resolve())
+            }
+        };
+
+        const result = await ActionHandler({
+            action: 'checkoutGift',
+            data: {tierId: 'tier_123', cadence: 'month', email: 'buyer@example.com'},
+            state: {},
+            api: mockApi
+        });
+
+        expect(mockApi.member.checkoutGift).toHaveBeenCalledWith({
+            tierId: 'tier_123',
+            cadence: 'month',
+            email: 'buyer@example.com'
+        });
+        expect(result.action).toBe('checkoutGift:success');
+    });
+
+    test('returns failed action with notification on error', async () => {
+        const mockApi = {
+            member: {
+                checkoutGift: vi.fn(() => Promise.reject(new Error('Stripe error')))
+            }
+        };
+
+        const result = await ActionHandler({
+            action: 'checkoutGift',
+            data: {tierId: 'tier_123', cadence: 'month', email: 'buyer@example.com'},
+            state: {},
+            api: mockApi
+        });
+
+        expect(result.action).toBe('checkoutGift:failed');
+        expect(result.popupNotification).toBeDefined();
+        expect(result.popupNotification.type).toBe('checkoutGift:failed');
+        expect(result.popupNotification.status).toBe('error');
+    });
+});
diff --git a/ghost/core/core/server/services/members/members-api/controllers/router-controller.js b/ghost/core/core/server/services/members/members-api/controllers/router-controller.js
index b4c183885d2..f08543d9138 100644
--- a/ghost/core/core/server/services/members/members-api/controllers/router-controller.js
+++ b/ghost/core/core/server/services/members/members-api/controllers/router-controller.js
@@ -29,6 +29,7 @@ const messages = {
     memberNotFound: 'No member exists with this e-mail address.',
     invalidType: 'Invalid checkout type.',
     notConfigured: 'This site is not accepting payments at the moment.',
+    giftSubscriptionsNotEnabled: 'Gift subscriptions are not enabled on this site.',
     invalidNewsletters: 'Cannot subscribe to invalid newsletters {newsletters}',
     archivedNewsletters: 'Cannot subscribe to archived newsletters {newsletters}',
     otcNotSupported: 'OTC verification not supported.',
@@ -598,6 +599,39 @@ module.exports = class RouterController {
         }
     }
 
+    /**
+     * @param {object} options
+     * @param {object} options.tier
+     * @param {'month'|'year'} options.cadence
+     * @param {string} options.email
+     * @param {string} options.successUrl
+     * @param {string} options.cancelUrl
+     * @param {object} options.metadata
+     * @param {object} [options.member]
+     * @param {boolean} options.isAuthenticated
+     * @returns
+     */
+    async _createGiftCheckoutSession(options) {
+        if (!this._paymentsService.stripeAPIService.configured) {
+            throw new DisabledFeatureError({
+                message: tpl(messages.notConfigured)
+            });
+        }
+
+        try {
+            const paymentLink = await this._paymentsService.getGiftPaymentLink(options);
+
+            return {url: paymentLink};
+        } catch (err) {
+            logging.error(err);
+            this._sentry?.captureException?.(err);
+            throw new BadRequestError({
+                err,
+                message: tpl(messages.unableToCheckout)
+            });
+        }
+    }
+
     async createCheckoutSession(req, res) {
         const type = req.body.type ?? 'subscription';
         const metadata = req.body.metadata ?? {};
@@ -605,7 +639,7 @@ module.exports = class RouterController {
         const membersEnabled = true;
 
         // Check this checkout type is supported
-        if (typeof type !== 'string' || !['subscription', 'donation'].includes(type)) {
+        if (typeof type !== 'string' || !['subscription', 'donation', 'gift'].includes(type)) {
             throw new BadRequestError({
                 message: tpl(messages.invalidType)
             });
@@ -682,6 +716,42 @@ module.exports = class RouterController {
         } else if (type === 'donation') {
             options.personalNote = parsePersonalNote(req.body.personalNote);
             response = await this._createDonationCheckoutSession(options);
+        } else if (type === 'gift') {
+            if (!this.labsService.isSet('giftSubscriptions')) {
+                throw new BadRequestError({
+                    message: tpl(messages.giftSubscriptionsNotEnabled)
+                });
+            }
+
+            if (!membersEnabled) {
+                throw new BadRequestError({
+                    message: tpl(messages.badRequest)
+                });
+            }
+
+            if (typeof req.body.customerEmail !== 'string' || !isEmail(req.body.customerEmail)) {
+                throw new BadRequestError({
+                    message: tpl(messages.badRequest),
+                    context: 'A valid email address is required to purchase a gift subscription'
+                });
+            }
+
+            if (req.body.offerId) {
+                throw new BadRequestError({
+                    message: tpl(messages.badRequest),
+                    context: 'Offers cannot be applied to gift subscriptions'
+                });
+            }
+
+            const data = await this._getSubscriptionCheckoutData(req.body);
+
+            response = await this._createGiftCheckoutSession({
+                ...options,
+                ...data,
+                duration: 1, // gifts are currently 1 month or 1 year only
+                successUrl: this._urlUtils.getSiteUrl(),
+                cancelUrl: this._urlUtils.getSiteUrl()
+            });
         }
 
         res.writeHead(200, {
diff --git a/ghost/core/core/server/services/members/members-api/services/payments-service.js b/ghost/core/core/server/services/members/members-api/services/payments-service.js
index 6920cd3422b..96bbd30b866 100644
--- a/ghost/core/core/server/services/members/members-api/services/payments-service.js
+++ b/ghost/core/core/server/services/members/members-api/services/payments-service.js
@@ -1,3 +1,4 @@
+const crypto = require('node:crypto');
 const logging = require('@tryghost/logging');
 const DomainEvents = require('@tryghost/domain-events');
 const TierCreatedEvent = require('../../../tiers/tier-created-event');
@@ -150,6 +151,61 @@ class PaymentsService {
         return session.url;
     }
 
+    /**
+     * @param {object} params
+     * @param {import('../../../tiers/tier')} params.tier
+     * @param {'month'|'year'} params.cadence
+     * @param {number} params.duration
+     * @param {string} params.email
+     * @param {string} params.successUrl
+     * @param {string} params.cancelUrl
+     * @param {object} params.metadata
+     * @param {object} [params.member]
+     * @param {boolean} params.isAuthenticated
+     *
+     * @returns {Promise<string>}
+     */
+    async getGiftPaymentLink({tier, cadence, duration, email, metadata, successUrl, cancelUrl, member, isAuthenticated}) {
+        let customer = null;
+        if (member && isAuthenticated) {
+            customer = await this.getCustomerForMember(member);
+        }
+
+        const amount = tier.getPrice(cadence);
+        const currency = tier.currency.toLowerCase();
+
+        const token = crypto.randomUUID();
+
+        const successUrlObj = new URL(successUrl);
+        successUrlObj.searchParams.set('stripe', 'gift-purchase-success');
+        successUrlObj.searchParams.set('gift_token', token);
+
+        const data = {
+            amount,
+            currency,
+            tierName: tier.name,
+            cadence,
+            duration,
+            metadata: {
+                ...metadata,
+                ghost_gift: 'true',
+                gift_token: token,
+                tier_id: tier.id.toHexString(),
+                cadence,
+                duration: String(duration),
+                purchaser_email: email
+            },
+            successUrl: successUrlObj.toString(),
+            cancelUrl,
+            customer,
+            customerEmail: !customer ? email : null
+        };
+
+        const session = await this.stripeAPIService.createGiftCheckoutSession(data);
+
+        return session.url;
+    }
+
     async getCustomerForMember(member) {
         const rows = await this.StripeCustomerModel.where({
             member_id: member.id
diff --git a/ghost/core/core/server/services/stripe/stripe-api.js b/ghost/core/core/server/services/stripe/stripe-api.js
index 98443c0cecf..a2f99b0ced9 100644
--- a/ghost/core/core/server/services/stripe/stripe-api.js
+++ b/ghost/core/core/server/services/stripe/stripe-api.js
@@ -682,6 +682,61 @@ module.exports = class StripeAPI {
         return session;
     }
 
+    /**
+     * Create a new Stripe Checkout Session for a gift subscription.
+     *
+     * @param {object} options
+     * @param {number} options.amount
+     * @param {string} options.currency
+     * @param {string} options.tierName
+     * @param {'month'|'year'} options.cadence
+     * @param {number} options.duration
+     * @param {object} options.metadata
+     * @param {string} options.successUrl
+     * @param {string} options.cancelUrl
+     * @param {ICustomer|null} options.customer
+     * @param {string|null} options.customerEmail
+     *
+     * @returns {Promise<ICheckoutSession>}
+     */
+    async createGiftCheckoutSession({amount, currency, tierName, cadence, duration, metadata, successUrl, cancelUrl, customer, customerEmail}) {
+        await this._rateLimitBucket.throttle();
+
+        const cadenceLabel = duration === 1 ? `1 ${cadence}` : `${duration} ${cadence}s`;
+
+        const stripeSessionOptions = {
+            mode: 'payment',
+            success_url: successUrl,
+            cancel_url: cancelUrl,
+            automatic_tax: {
+                enabled: this._config.enableAutomaticTax
+            },
+            metadata,
+            customer: customer ? customer.id : undefined,
+            customer_email: !customer && customerEmail ? customerEmail : undefined,
+            submit_type: 'pay',
+            line_items: [{
+                price_data: {
+                    currency,
+                    unit_amount: amount,
+                    product_data: {
+                        name: `Gift Subscription - ${tierName} (${cadenceLabel})`
+                    }
+                },
+                quantity: 1
+            }]
+        };
+
+        if (customer && this._config.enableAutomaticTax) {
+            stripeSessionOptions.customer_update = {address: 'auto'};
+        }
+
+        // @ts-ignore
+        const session = await this._stripe.checkout.sessions.create(stripeSessionOptions);
+
+        return session;
+    }
+
     /**
      * Create a new Stripe Checkout Setup Session.
      *
diff --git a/ghost/core/test/unit/server/services/members/members-api/controllers/router-controller.test.js b/ghost/core/test/unit/server/services/members/members-api/controllers/router-controller.test.js
index ccb200203cc..4fb04a999a5 100644
--- a/ghost/core/test/unit/server/services/members/members-api/controllers/router-controller.test.js
+++ b/ghost/core/test/unit/server/services/members/members-api/controllers/router-controller.test.js
@@ -681,6 +681,143 @@ describe('RouterController', function () {
             });
         });
 
+        describe('gift checkout', function () {
+            let getGiftLinkSpy;
+
+            beforeEach(function () {
+                getGiftLinkSpy = sinon.stub().resolves('https://checkout.stripe.com/gift');
+                paymentsService.getGiftPaymentLink = getGiftLinkSpy;
+            });
+
+            function createGiftController(overrides = {}) {
+                return new RouterController({
+                    tiersService,
+                    paymentsService,
+                    offersAPI,
+                    stripeAPIService,
+                    labsService,
+                    settingsCache,
+                    settingsHelpers,
+                    memberRepository: {get: sinon.stub().resolves(null)},
+                    urlUtils: {getSiteUrl: sinon.stub().returns('https://example.com/')},
+                    memberAttributionService: {getAttribution: sinon.stub().resolves({})},
+                    emailAddressService,
+                    ...overrides
+                });
+            }
+
+            const mockRes = {writeHead: () => {}, end: () => {}};
+
+            function paidTierService(price = 5000) {
+                return {
+                    api: {
+                        read: sinon.stub().resolves({
+                            id: {toHexString: () => 'tier_123'},
+                            status: 'active',
+                            getPrice: sinon.stub().returns(price)
+                        })
+                    }
+                };
+            }
+
+            it('calls getGiftPaymentLink with correct options', async function () {
+                const controller = createGiftController({tiersService: paidTierService()});
+
+                await controller.createCheckoutSession({
+                    body: {type: 'gift', tierId: 'tier_123', cadence: 'month', customerEmail: 'buyer@example.com', metadata: {}}
+                }, mockRes);
+
+                sinon.assert.calledOnce(getGiftLinkSpy);
+                sinon.assert.calledWith(getGiftLinkSpy, sinon.match({
+                    successUrl: 'https://example.com/',
+                    cancelUrl: 'https://example.com/',
+                    email: 'buyer@example.com'
+                }));
+            });
+
+            it('rejects when giftSubscriptions labs flag is disabled', async function () {
+                labsService.isSet = sinon.stub().returns(false);
+                const controller = createGiftController();
+
+                try {
+                    await controller.createCheckoutSession({
+                        body: {type: 'gift', tierId: 'tier_123', cadence: 'month', customerEmail: 'buyer@example.com', metadata: {}}
+                    }, mockRes);
+
+                    assert.fail('Should have thrown');
+                } catch (error) {
+                    assert(error instanceof errors.BadRequestError);
+                }
+            });
+
+            it('rejects when customerEmail is not provided', async function () {
+                const controller = createGiftController({tiersService: paidTierService()});
+
+                try {
+                    await controller.createCheckoutSession({
+                        body: {type: 'gift', tierId: 'tier_123', cadence: 'month', metadata: {}}
+                    }, mockRes);
+
+                    assert.fail('Should have thrown');
+                } catch (error) {
+                    assert(error instanceof errors.BadRequestError);
+                    assert.equal(error.context, 'A valid email address is required to purchase a gift subscription');
+                }
+            });
+
+            it('rejects when customerEmail is invalid', async function () {
+                const controller = createGiftController({tiersService: paidTierService()});
+
+                try {
+                    await controller.createCheckoutSession({
+                        body: {type: 'gift', tierId: 'tier_123', cadence: 'month', customerEmail: 'not-an-email', metadata: {}}
+                    }, mockRes);
+                    assert.fail('Should have thrown');
+                } catch (error) {
+                    assert(error instanceof errors.BadRequestError);
+                    assert.equal(error.context, 'A valid email address is required to purchase a gift subscription');
+                }
+            });
+
+            it('rejects when offerId is provided', async function () {
+                const controller = createGiftController();
+
+                try {
+                    await controller.createCheckoutSession({
+                        body: {type: 'gift', offerId: 'offer_123', customerEmail: 'buyer@example.com', metadata: {}}
+                    }, mockRes);
+                    assert.fail('Should have thrown');
+                } catch (error) {
+                    assert(error instanceof errors.BadRequestError);
+                    assert.equal(error.context, 'Offers cannot be applied to gift subscriptions');
+                }
+            });
+
+            it('does not block paid members from purchasing gifts', async function () {
+                const controller = createGiftController({
+                    tiersService: paidTierService(),
+                    tokenService: {decodeToken: sinon.stub().resolves({sub: 'member@example.com'})},
+                    memberRepository: {
+                        get: sinon.stub().resolves({
+                            id: 'member_123',
+                            get: sinon.stub().returns('paid'),
+                            related: sinon.stub().returns({
+                                query: sinon.stub().returns({
+                                    fetch: sinon.stub().resolves([])
+                                })
+                            })
+                        })
+                    }
+                });
+
+                await controller.createCheckoutSession({
+                    body: {type: 'gift', tierId: 'tier_123', cadence: 'month', customerEmail: 'buyer@example.com', identity: 'valid-token', metadata: {}}
+                }, mockRes);
+
+                sinon.assert.calledOnce(getGiftLinkSpy);
+            });
+        });
+
         it('adds welcomePageUrl to response for authenticated members when tier has welcomePageURL', async function () {
             const routerController = new RouterController({
                 tiersService: {
diff --git a/ghost/core/test/unit/server/services/members/members-api/services/payments-service.test.js b/ghost/core/test/unit/server/services/members/members-api/services/payments-service.test.js
index a47765312e1..d59f4ca51b8 100644
--- a/ghost/core/test/unit/server/services/members/members-api/services/payments-service.test.js
+++ b/ghost/core/test/unit/server/services/members/members-api/services/payments-service.test.js
@@ -300,4 +300,152 @@ describe('PaymentsService', function () {
             assert.equal(stripeAPIService.createCheckoutSession.getCall(0).args[2].trialDays, undefined);
         });
     });
+
+    describe('getGiftPaymentLink', function () {
+        let createGiftCheckoutSessionStub;
+        let service;
+
+        beforeEach(function () {
+            createGiftCheckoutSessionStub = sinon.fake.resolves({
+                url: 'https://checkout.stripe.com/gift-session'
+            });
+            service = new PaymentsService({
+                stripeAPIService: {createGiftCheckoutSession: createGiftCheckoutSessionStub}
+            });
+        });
+
+        async function createTier(overrides = {}) {
+            return Tier.create({
+                name: 'Pro',
+                slug: 'pro',
+                currency: 'usd',
+                monthlyPrice: 1000,
+                yearlyPrice: 10000,
+                ...overrides
+            });
+        }
+
+        const defaultGiftOptions = {
+            successUrl: 'https://example.com/',
+            cancelUrl: 'https://example.com/',
+            email: 'buyer@example.com',
+            duration: 1,
+            metadata: {}
+        };
+
+        function getStripeArgs() {
+            return createGiftCheckoutSessionStub.firstCall.firstArg;
+        }
+
+        it('generates a token and passes correct metadata to Stripe', async function () {
+            const tier = await createTier();
+
+            const url = await service.getGiftPaymentLink({
+                ...defaultGiftOptions,
+                tier,
+                cadence: 'month',
+                metadata: {requestSrc: 'portal'}
+            });
+
+            assert.equal(url, 'https://checkout.stripe.com/gift-session');
+
+            sinon.assert.calledOnce(createGiftCheckoutSessionStub);
+
+            const args = getStripeArgs();
+            assert.equal(args.amount, 1000);
+            assert.equal(args.currency, 'usd');
+            assert.equal(args.tierName, 'Pro');
+            assert.equal(args.cadence, 'month');
+            assert.equal(args.metadata.ghost_gift, 'true');
+            assert.equal(args.metadata.tier_id, tier.id.toHexString());
+            assert.equal(args.metadata.cadence, 'month');
+            assert.equal(args.metadata.duration, '1');
+            assert.equal(args.metadata.purchaser_email, 'buyer@example.com');
+            assert.equal(args.metadata.requestSrc, 'portal');
+            assert.match(args.metadata.gift_token, /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/);
+        });
+
+        it('appends gift token to success URL', async function () {
+            const tier = await createTier({monthlyPrice: 5000, yearlyPrice: 50000});
+
+            await service.getGiftPaymentLink({...defaultGiftOptions, tier, cadence: 'year'});
+
+            const args = getStripeArgs();
+            const successUrl = new URL(args.successUrl);
+
+            assert.equal(successUrl.searchParams.get('stripe'), 'gift-purchase-success');
+            assert.equal(successUrl.searchParams.get('gift_token'), args.metadata.gift_token);
+        });
+
+        it('prevents caller metadata from overwriting gift-specific keys', async function () {
+            const tier = await createTier();
+
+            await service.getGiftPaymentLink({
+                ...defaultGiftOptions,
+                tier,
+                cadence: 'month',
+                metadata: {ghost_gift: 'false', gift_token: 'malicious-token'}
+            });
+
+            const args = getStripeArgs();
+
+            assert.equal(args.metadata.ghost_gift, 'true');
+            assert.notEqual(args.metadata.gift_token, 'malicious-token');
+        });
+
+        it('looks up Stripe customer for authenticated members', async function () {
+            const mockCustomer = {id: 'cus_123', email: 'member@example.com'};
+            sinon.stub(service, 'getCustomerForMember').resolves(mockCustomer);
+
+            const tier = await createTier();
+            const mockMember = {id: 'member_123', get: sinon.stub().returns('member@example.com')};
+
+            await service.getGiftPaymentLink({
+                ...defaultGiftOptions,
+                tier,
+                cadence: 'month',
+                member: mockMember,
+                isAuthenticated: true
+            });
+
+            sinon.assert.calledOnce(service.getCustomerForMember);
+            sinon.assert.calledWith(service.getCustomerForMember, mockMember);
+            assert.equal(getStripeArgs().customer, mockCustomer);
+            assert.equal(getStripeArgs().customerEmail, null);
+        });
+
+        it('passes customerEmail when purchaser is not authenticated', async function () {
+            const tier = await createTier();
+
+            await service.getGiftPaymentLink({
+                ...defaultGiftOptions,
+                tier,
+                cadence: 'month',
+                email: 'guest@example.com',
+                isAuthenticated: false
+            });
+
+            assert.equal(getStripeArgs().customer, null);
+            assert.equal(getStripeArgs().customerEmail, 'guest@example.com');
+        });
+
+        it('does not set customerEmail when customer is present', async function () {
+            const mockCustomer = {id: 'cus_123', email: 'member@example.com'};
+            sinon.stub(service, 'getCustomerForMember').resolves(mockCustomer);
+
+            const tier = await createTier();
+
+            await service.getGiftPaymentLink({
+                ...defaultGiftOptions,
+                tier,
+                cadence: 'month',
+                email: 'should-be-ignored@example.com',
+                member: {id: 'member_123', get: sinon.stub().returns('member@example.com')},
+                isAuthenticated: true
+            });
+
+            assert.equal(getStripeArgs().customer, mockCustomer);
+            assert.equal(getStripeArgs().customerEmail, null);
+        });
+    });
 });
diff --git a/ghost/core/test/unit/server/services/stripe/stripe-api.test.js b/ghost/core/test/unit/server/services/stripe/stripe-api.test.js
index a1da596fac2..a1c9947bd97 100644
--- a/ghost/core/test/unit/server/services/stripe/stripe-api.test.js
+++ b/ghost/core/test/unit/server/services/stripe/stripe-api.test.js
@@ -655,4 +655,227 @@ describe('StripeAPI', function () {
             assert(mockStripe.checkout.sessions.create.firstCall.firstArg.custom_fields.length <= 3);
         });
     });
+
+    describe('createGiftCheckoutSession', function () {
+        beforeEach(function () {
+            mockStripe = {
+                checkout: {
+                    sessions: {
+                        create: sinon.stub().resolves({url: 'https://checkout.stripe.com/session'})
+                    }
+                }
+            };
+
+            sinon.stub(mockLabs, 'isSet');
+
+            const mockStripeConstructor = sinon.stub().returns(mockStripe);
+
+            StripeAPI.__set__('Stripe', mockStripeConstructor);
+
+            api.configure({
+                checkoutSessionSuccessUrl: '/success',
+                checkoutSessionCancelUrl: '/cancel',
+                checkoutSetupSessionSuccessUrl: '/setup-success',
+                checkoutSetupSessionCancelUrl: '/setup-cancel',
+                secretKey: ''
+            });
+        });
+
+        afterEach(function () {
+            sinon.restore();
+        });
+
+        it('creates a session with mode payment and inline price_data', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {ghost_gift: 'true', gift_token: 'abc-123'}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.mode, 'payment');
+            assert.equal(args.submit_type, 'pay');
+            assert.equal(args.success_url, '/gift-success');
+            assert.equal(args.cancel_url, '/gift-cancel');
+            assert.equal(args.line_items[0].quantity, 1);
+            assert.equal(args.line_items[0].price_data.unit_amount, 5000);
+            assert.equal(args.line_items[0].price_data.currency, 'usd');
+            assert.equal(args.line_items[0].price_data.product_data.name, 'Gift Subscription - Pro (1 year)');
+        });
+
+        it('uses 1 month label for monthly cadence', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 1000,
+                currency: 'usd',
+                tierName: 'Basic',
+                cadence: 'month',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.line_items[0].price_data.product_data.name, 'Gift Subscription - Basic (1 month)');
+        });
+
+        it('pluralises cadence label when duration is greater than 1', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 3000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'month',
+                duration: 3,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.line_items[0].price_data.product_data.name, 'Gift Subscription - Pro (3 months)');
+        });
+
+        it('passes metadata through directly', async function () {
+            const metadata = {
+                ghost_gift: 'true',
+                gift_token: 'token-xyz',
+                tier_id: 'tier_123',
+                cadence: 'month',
+                purchaser_email: 'buyer@example.com'
+            };
+
+            await api.createGiftCheckoutSession({
+                amount: 1000,
+                currency: 'usd',
+                tierName: 'Basic',
+                cadence: 'month',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.deepEqual(args.metadata, metadata);
+        });
+
+        it('passes customer ID when customer is provided', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {},
+                customer: {id: mockCustomerId}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.customer, mockCustomerId);
+            assert.equal(args.customer_email, undefined);
+        });
+
+        it('passes customer_email when no customer is provided', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {},
+                customerEmail: mockCustomerEmail
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.customer, undefined);
+            assert.equal(args.customer_email, mockCustomerEmail);
+        });
+
+        it('does not include invoice_creation or custom_fields', async function () {
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.invoice_creation, undefined);
+            assert.equal(args.custom_fields, undefined);
+        });
+
+        it('sets customer_update when customer and automatic tax are enabled', async function () {
+            api.configure({
+                checkoutSessionSuccessUrl: '/success',
+                checkoutSessionCancelUrl: '/cancel',
+                checkoutSetupSessionSuccessUrl: '/setup-success',
+                checkoutSetupSessionCancelUrl: '/setup-cancel',
+                secretKey: '',
+                enableAutomaticTax: true
+            });
+
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {},
+                customer: {id: mockCustomerId}
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.deepEqual(args.customer_update, {address: 'auto'});
+        });
+
+        it('does not set customer_update without customer', async function () {
+            api.configure({
+                checkoutSessionSuccessUrl: '/success',
+                checkoutSessionCancelUrl: '/cancel',
+                checkoutSetupSessionSuccessUrl: '/setup-success',
+                checkoutSetupSessionCancelUrl: '/setup-cancel',
+                secretKey: '',
+                enableAutomaticTax: true
+            });
+
+            await api.createGiftCheckoutSession({
+                amount: 5000,
+                currency: 'usd',
+                tierName: 'Pro',
+                cadence: 'year',
+                duration: 1,
+                successUrl: '/gift-success',
+                cancelUrl: '/gift-cancel',
+                metadata: {},
+                customerEmail: mockCustomerEmail
+            });
+
+            const args = mockStripe.checkout.sessions.create.firstCall.firstArg;
+
+            assert.equal(args.customer_update, undefined);
+        });
+    });
 });

From 9fc53419a84a86e2945c7877e3c60774a661098c Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 10:41:22 +0000
Subject: [PATCH 05/12] Update dependency react-hook-form to v7.72.1 (#27165)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [react-hook-form](https://react-hook-form.com)
([source](https://redirect.github.com/react-hook-form/react-hook-form))
| [`7.65.0` →
`7.72.1`](https://renovatebot.com/diffs/npm/react-hook-form/7.65.0/7.72.1)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/react-hook-form/7.72.1?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/react-hook-form/7.65.0/7.72.1?slim=true)
|

---

### Release Notes

<details>
<summary>react-hook-form/react-hook-form (react-hook-form)</summary>

###
[`v7.72.1`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.72.1):
Version 7.72.1

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.72.0...v7.72.1)

🐞 fix: add isDirty check for numeric string keys in defaultValues (issue
[#&#8203;13346](https://redirect.github.com/react-hook-form/react-hook-form/issues/13346))
([#&#8203;13347](https://redirect.github.com/react-hook-form/react-hook-form/issues/13347))
🐞 fix: prevent setValue with shouldDirty from polluting unrelated dirty
fields
([#&#8203;13326](https://redirect.github.com/react-hook-form/react-hook-form/issues/13326))
🐞 fix: memoize control in HookFormControlContext to prevent render
conflicts
([#&#8203;13272](https://redirect.github.com/react-hook-form/react-hook-form/issues/13272))
([#&#8203;13312](https://redirect.github.com/react-hook-form/react-hook-form/issues/13312))
🐞 fix: isNameInFieldArray should check all ancestor paths for nested
field arrays
([#&#8203;13318](https://redirect.github.com/react-hook-form/react-hook-form/issues/13318))
🐞 fix:
[#&#8203;13320](https://redirect.github.com/react-hook-form/react-hook-form/issues/13320)
formState.isValid incorrect on Controller re-mount
([#&#8203;13324](https://redirect.github.com/react-hook-form/react-hook-form/issues/13324))

thanks to [@&#8203;6810779s](https://redirect.github.com/6810779s),
[@&#8203;candymask0712](https://redirect.github.com/candymask0712),
[@&#8203;olagokemills](https://redirect.github.com/olagokemills),
[@&#8203;shahmir-oscilar](https://redirect.github.com/shahmir-oscilar) &
[@&#8203;bae080311](https://redirect.github.com/bae080311)

###
[`v7.72.0`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.72.0):
Version 7.72.0

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.71.2...v7.72.0)

⚓️ feat: built-in form level validate
([#&#8203;13195](https://redirect.github.com/react-hook-form/react-hook-form/issues/13195))

```tsx
const { register, formState: { errors } } = useForm({
  validate: async (formValue) => {
    if (formValue.test1.length > formValue.test.length) {
      return {
        type: 'formError',
        message: 'something is wrong here',
      };
    }

    if (formValue.test === 'test') {
      return 'direct error message';
    }

    return true;
  },
});
```

🐞 fix: prevent useFieldArray from marking unrelated fields as dirty
([#&#8203;13299](https://redirect.github.com/react-hook-form/react-hook-form/issues/13299))
🐞 fix
[#&#8203;13300](https://redirect.github.com/react-hook-form/react-hook-form/issues/13300)
checkbox form validation ignored with native validation
([#&#8203;13310](https://redirect.github.com/react-hook-form/react-hook-form/issues/13310))
🌉 allow subscribe formState to track submit state
([#&#8203;13319](https://redirect.github.com/react-hook-form/react-hook-form/issues/13319))

###
[`v7.71.2`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.71.2):
Version 7.71.2

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.71.1...v7.71.2)

🕵️‍♂️ fix: use DeepPartialSkipArrayKey for WatchObserver value parameter
([#&#8203;13278](https://redirect.github.com/react-hook-form/react-hook-form/issues/13278))
🧹 fix(clearErrors): emit name signal for targeted field updates
([#&#8203;13280](https://redirect.github.com/react-hook-form/react-hook-form/issues/13280))

thanks to [@&#8203;veeceey](https://redirect.github.com/veeceey),
[@&#8203;kaigritun](https://redirect.github.com/kaigritun),
[@&#8203;pgoslatara](https://redirect.github.com/pgoslatara) &
[@&#8203;seongbiny](https://redirect.github.com/seongbiny)

###
[`v7.71.1`](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.71.0...51589c50baa008e58f0fad71e5ef3d13314a3018)

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.71.0...v7.71.1)

###
[`v7.71.0`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.71.0):
Version 7.71.0

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.70.0...v7.71.0)

⚡ perf: memoize FormProvider context value to prevent unnecessary
rerenders
([#&#8203;13235](https://redirect.github.com/react-hook-form/react-hook-form/issues/13235))
🚄 perf: separate control context to prevent unnecessary rerenders
([#&#8203;13234](https://redirect.github.com/react-hook-form/react-hook-form/issues/13234))
🐞 fix: update isValid when field disabled state changes
([#&#8203;13231](https://redirect.github.com/react-hook-form/react-hook-form/issues/13231))
👌 chore: optimize bundle size via safe terser options
([#&#8203;13243](https://redirect.github.com/react-hook-form/react-hook-form/issues/13243))
([#&#8203;13244](https://redirect.github.com/react-hook-form/react-hook-form/issues/13244))

thanks to [@&#8203;kamja44](https://redirect.github.com/kamja44),
[@&#8203;a28689604](https://redirect.github.com/a28689604) &
[@&#8203;newsiberian](https://redirect.github.com/newsiberian)

###
[`v7.70.0`](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.69.0...v7.70.0)

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.69.0...v7.70.0)

###
[`v7.69.0`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.69.0):
🎄 Version 7.69.0

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.68.0...v7.69.0)

📏 feat: align <Watch /> API with useWatch
([#&#8203;13192](https://redirect.github.com/react-hook-form/react-hook-form/issues/13192))
🤦🏻‍♂️ chore: update
[@&#8203;deprecated](https://redirect.github.com/deprecated) names prop
on <Watch />
([#&#8203;13198](https://redirect.github.com/react-hook-form/react-hook-form/issues/13198))
🏥 chore: safely call function methods on elements
([#&#8203;13190](https://redirect.github.com/react-hook-form/react-hook-form/issues/13190))
🪖 chore: cve-2025-67779
([#&#8203;13196](https://redirect.github.com/react-hook-form/react-hook-form/issues/13196))
🪖 chore: cve-2025-55184 & cve-2025-55183
([#&#8203;13194](https://redirect.github.com/react-hook-form/react-hook-form/issues/13194))
🪖 chore: CVE-2025-55182 Critical RCE vulnerabilty
([#&#8203;13175](https://redirect.github.com/react-hook-form/react-hook-form/issues/13175))
🔬 test: add regression tests for
[#&#8203;12837](https://redirect.github.com/react-hook-form/react-hook-form/issues/12837)
and
[#&#8203;13136](https://redirect.github.com/react-hook-form/react-hook-form/issues/13136)
([#&#8203;13187](https://redirect.github.com/react-hook-form/react-hook-form/issues/13187))
🐞 fix(reset): preserve isValid state when keepIsValid option is used
([#&#8203;13173](https://redirect.github.com/react-hook-form/react-hook-form/issues/13173))
🐞 fix: ensure each createFormControl.subscribe subscription listens only
to the changes it subscribes to
([#&#8203;12968](https://redirect.github.com/react-hook-form/react-hook-form/issues/12968))
🐞 fix(validation): batch isValidating state updates with validation
result
([#&#8203;13181](https://redirect.github.com/react-hook-form/react-hook-form/issues/13181))
🐞 fix(createFormControl): resolve race condition between setError and
setFocus
([#&#8203;13138](https://redirect.github.com/react-hook-form/react-hook-form/issues/13138))
([#&#8203;13169](https://redirect.github.com/react-hook-form/react-hook-form/issues/13169))
🧿 fix <Watch /> control prop type
([#&#8203;13189](https://redirect.github.com/react-hook-form/react-hook-form/issues/13189))
🔔 chore: clean cloneObject logic
([#&#8203;13179](https://redirect.github.com/react-hook-form/react-hook-form/issues/13179))

thanks to [@&#8203;PierreCrb](https://redirect.github.com/PierreCrb),
[@&#8203;a28689604](https://redirect.github.com/a28689604),
[@&#8203;AnuragM7666](https://redirect.github.com/AnuragM7666),
[@&#8203;ap0nia](https://redirect.github.com/ap0nia),
[@&#8203;dusan233](https://redirect.github.com/dusan233) &
[@&#8203;hlongc](https://redirect.github.com/hlongc)

###
[`v7.68.0`](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.67.0...b84595e77a9f5413f937035269d2f3d86ca2e7b4)

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.67.0...v7.68.0)

###
[`v7.67.0`](https://redirect.github.com/react-hook-form/react-hook-form/releases/tag/v7.67.0):
Version 7.67.0

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.66.1...v7.67.0)

🎯 feat: add exact to useController props
([#&#8203;13154](https://redirect.github.com/react-hook-form/react-hook-form/issues/13154))

```tsx
useForm({
  defaultValues: {
    user: {
      name: ''
    }
  }
})

<Controller control={control} name="user" exact={false} /> // subscribe to all user object
```

✨ fix(types): allow undefined value with async defaultValues in Contr…
([#&#8203;13160](https://redirect.github.com/react-hook-form/react-hook-form/issues/13160))
🐞 fix(types): correct PathValueImpl type inference
([#&#8203;13150](https://redirect.github.com/react-hook-form/react-hook-form/issues/13150))

###
[`v7.66.1`](https://redirect.github.com/react-hook-form/react-hook-form/compare/089f0a30fe0081e3dcc7ac3bae3ed034bf9c63dc...caa514c6d1a9d5116cee973728daa837b1deedf2)

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.66.0...v7.66.1)

###
[`v7.66.0`](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.65.0...089f0a30fe0081e3dcc7ac3bae3ed034bf9c63dc)

[Compare
Source](https://redirect.github.com/react-hook-form/react-hook-form/compare/v7.65.0...v7.66.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00
AM and 12:59 PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 apps/shade/package.json | 2 +-
 yarn.lock               | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/shade/package.json b/apps/shade/package.json
index 9651845cb1b..a6ba88499e7 100644
--- a/apps/shade/package.json
+++ b/apps/shade/package.json
@@ -142,7 +142,7 @@
         "react-colorful": "5.6.1",
         "react-dom": "18.3.1",
         "react-dropzone": "14.2.3",
-        "react-hook-form": "7.65.0",
+        "react-hook-form": "7.72.1",
         "react-hot-toast": "2.6.0",
         "react-select": "5.10.2",
         "react-world-flags": "1.6.0",
diff --git a/yarn.lock b/yarn.lock
index 44688cfe955..1fbaa3c458f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -30731,10 +30731,10 @@ react-error-boundary@^3.1.0:
   dependencies:
     "@babel/runtime" "^7.12.5"
 
-react-hook-form@7.65.0:
-  version "7.65.0"
-  resolved "https://registry.yarnpkg.com/react-hook-form/-/react-hook-form-7.65.0.tgz#6139dac77ed1081d0178b6830dc6f5ff6ff86361"
-  integrity sha512-xtOzDz063WcXvGWaHgLNrNzlsdFgtUWcb32E6WFaGTd7kPZG3EeDusjdZfUsPwKCKVXy1ZlntifaHZ4l8pAsmw==
+react-hook-form@7.72.1:
+  version "7.72.1"
+  resolved "https://registry.yarnpkg.com/react-hook-form/-/react-hook-form-7.72.1.tgz#19a8bbeaf685934f4c9fc422294cc730ade2780e"
+  integrity sha512-RhwBoy2ygeVZje+C+bwJ8g0NjTdBmDlJvAUHTxRjTmSUKPYsKfMphkS2sgEMotsY03bP358yEYlnUeZy//D9Ig==
 
 react-hot-toast@2.6.0:
   version "2.6.0"

From 0f7df8e5656f81fc0cf963b66d6606ddcaf70362 Mon Sep 17 00:00:00 2001
From: Joe Grigg <joe@ghost.org>
Date: Mon, 6 Apr 2026 11:43:03 +0100
Subject: [PATCH 06/12] Updated Tinybird CI to trigger & follow infra workflow
 (#27058)

Ghost CI now triggers & waits for the dispatched traffic analytics
workflow and mirrors its final result.

This moves the Tinybird deploy check out of this repo, over to an
internally managed repo.
---
 .github/workflows/ci.yml                      | 46 +++++++++++++++----
 .../server/data/tinybird/tests/api_kpis.yaml  |  1 +
 2 files changed, 38 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7b7d946d163..2fcf7c061b1 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -738,11 +738,6 @@ jobs:
         image: tinybirdco/tinybird-local:latest
         ports:
           - 7181:7181
-    env:
-      TINYBIRD_HOST: ${{ secrets.TINYBIRD_HOST }}
-      TINYBIRD_TOKEN: ${{ secrets.TINYBIRD_TOKEN }}
-      TINYBIRD_HOST_STAGING: ${{ secrets.TINYBIRD_HOST_STAGING }}
-      TINYBIRD_TOKEN_STAGING: ${{ secrets.TINYBIRD_TOKEN_STAGING }}
     steps:
       - uses: actions/checkout@v6
       - name: Install Tinybird CLI
@@ -751,10 +746,43 @@ jobs:
         run: tb build
       - name: Test project
         run: tb test run
-      - name: Deployment check - Staging
-        run: tb --cloud --host ${{ env.TINYBIRD_HOST_STAGING }} --token ${{ env.TINYBIRD_TOKEN_STAGING }} deploy --check
-      - name: Deployment check - Production
-        run: tb --cloud --host ${{ env.TINYBIRD_HOST }} --token ${{ env.TINYBIRD_TOKEN }} deploy --check
+      - name: Trigger and watch traffic analytics infra Tinybird workflow
+        if: github.repository == 'TryGhost/Ghost'
+        env:
+          GH_TOKEN: ${{ secrets.TRAFFIC_ANALYTICS_GITHUB_TOKEN }}
+        run: |
+          set -euo pipefail
+
+          REPO="TryGhost/traffic-analytics-infra"
+          WORKFLOW="tinybird.yml"
+          BRANCH="main"
+          DISPATCH_RESPONSE=$(gh api \
+            --method POST \
+            -H "Accept: application/vnd.github+json" \
+            "repos/$REPO/actions/workflows/$WORKFLOW/dispatches" \
+            --input - <<EOF
+          {
+            "ref": "$BRANCH",
+            "return_run_details": true,
+            "inputs": {
+              "ghost_ref": "${{ github.sha }}",
+              "caller_run_id": "${{ github.run_id }}",
+              "run_local_tests": false
+            }
+          }
+          EOF
+          )
+
+          RUN_ID=$(printf '%s' "$DISPATCH_RESPONSE" | jq -r '.workflow_run_id // empty')
+          RUN_URL=$(printf '%s' "$DISPATCH_RESPONSE" | jq -r '.html_url // .run_url // empty')
+
+          if [ -z "$RUN_ID" ]; then
+            echo "::error::Unable to find the triggered workflow run in $REPO"
+            exit 1
+          fi
+
+          echo "Watching remote workflow run: $RUN_URL"
+          gh run watch "$RUN_ID" --repo "$REPO" --exit-status
 
   job_ghost-cli:
     name: Ghost-CLI tests
diff --git a/ghost/core/core/server/data/tinybird/tests/api_kpis.yaml b/ghost/core/core/server/data/tinybird/tests/api_kpis.yaml
index 7bfefd0655a..73a3a02443f 100644
--- a/ghost/core/core/server/data/tinybird/tests/api_kpis.yaml
+++ b/ghost/core/core/server/data/tinybird/tests/api_kpis.yaml
@@ -1,4 +1,5 @@
 
+
 - name: Date range
   description: All fixture data
   parameters: site_uuid=mock_site_uuid&date_from=2100-01-01&date_to=2100-01-07

From df8cadb395b949f9de4414e79c4b5f608e729ee5 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 12:19:48 +0000
Subject: [PATCH 07/12] Update dependency react-router to v7.14.0 (#27166)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [react-router](https://redirect.github.com/remix-run/react-router)
([source](https://redirect.github.com/remix-run/react-router/tree/HEAD/packages/react-router))
| [`7.9.4` →
`7.14.0`](https://renovatebot.com/diffs/npm/react-router/7.9.4/7.14.0) |
![age](https://developer.mend.io/api/mc/badges/age/npm/react-router/7.14.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/react-router/7.9.4/7.14.0?slim=true)
|

---

### Release Notes

<details>
<summary>remix-run/react-router (react-router)</summary>

###
[`v7.14.0`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7140)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.13.2...react-router@7.14.0)

##### Patch Changes

- UNSTABLE RSC FRAMEWORK MODE BREAKING CHANGE - Existing route module
exports remain unchanged from stable v7 non-RSC mode, but new exports
are added for RSC mode. If you want to use RSC features, you will need
to update your route modules to export the new annotations.
([#&#8203;14901](https://redirect.github.com/remix-run/react-router/pull/14901))

If you are using RSC framework mode currently, you will need to update
your route modules to the new conventions. The following route module
components have their own mutually exclusive server component
counterparts:

  | Server Component Export | Client Component  |
  | ----------------------- | ----------------- |
  | `ServerComponent`       | `default`         |
  | `ServerErrorBoundary`   | `ErrorBoundary`   |
  | `ServerLayout`          | `Layout`          |
  | `ServerHydrateFallback` | `HydrateFallback` |

If you were previously exporting a `ServerComponent`, your
`ErrorBoundary`, `Layout`, and `HydrateFallback` were also server
components. If you want to keep those as server components, you can
rename them and prefix them with `Server`. If you were previously
importing the implementations of those components from a client module,
you can simply inline them.

  Example:

  Before

  ```tsx
  import { ErrorBoundary as ClientErrorBoundary } from "./client";

  export function ServerComponent() {
    // ...
  }

  export function ErrorBoundary() {
    return <ClientErrorBoundary />;
  }

  export function Layout() {
    // ...
  }

  export function HydrateFallback() {
    // ...
  }
  ```

  After

  ```tsx
  export function ServerComponent() {
    // ...
  }

  export function ErrorBoundary() {
// previous implementation of ClientErrorBoundary, this is now a client
component
  }

  export function ServerLayout() {
// rename previous Layout export to ServerLayout to make it a server
component
  }

  export function ServerHydrateFallback() {
// rename previous HydrateFallback export to ServerHydrateFallback to
make it a server component
  }
  ```

- rsc Link prefetch
([#&#8203;14902](https://redirect.github.com/remix-run/react-router/pull/14902))

- Remove recursion from turbo-stream v2 allowing for encoding / decoding
of massive payloads.
([#&#8203;14838](https://redirect.github.com/remix-run/react-router/pull/14838))

- encodeViaTurboStream leaked memory via unremoved AbortSignal listener
([#&#8203;14900](https://redirect.github.com/remix-run/react-router/pull/14900))

###
[`v7.13.2`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7132)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.13.1...react-router@7.13.2)

##### Patch Changes

- Fix clientLoader.hydrate when an ancestor route is also hydrating a
clientLoader
([#&#8203;14835](https://redirect.github.com/remix-run/react-router/pull/14835))

- Fix type error when passing Framework Mode route components using
`Route.ComponentProps` to `createRoutesStub`
([#&#8203;14892](https://redirect.github.com/remix-run/react-router/pull/14892))

- Fix percent encoding in relative path navigation
([#&#8203;14786](https://redirect.github.com/remix-run/react-router/pull/14786))

- Add `future.unstable_passThroughRequests` flag
([#&#8203;14775](https://redirect.github.com/remix-run/react-router/pull/14775))

By default, React Router normalizes the `request.url` passed to your
`loader`, `action`, and `middleware` functions by removing React
Router's internal implementation details (`.data` suffixes, `index` +
`_routes` query params).

Enabling this flag removes that normalization and passes the raw HTTP
`request` instance to your handlers. This provides a few benefits:

- Reduces server-side overhead by eliminating multiple `new Request()`
calls on the critical path
- Allows you to distinguish document from data requests in your handlers
base don the presence of a `.data` suffix (useful for observability
purposes)

If you were previously relying on the normalization of `request.url`,
you can switch to use the new sibling `unstable_url` parameter which
contains a `URL` instance representing the normalized location:

  ```tsx
// ❌ Before: you could assume there was no `.data` suffix in
`request.url`
  export async function loader({ request }: Route.LoaderArgs) {
    let url = new URL(request.url);
    if (url.pathname === "/path") {
// This check will fail with the flag enabled because the `.data` suffix
will
      // exist on data requests
    }
  }

// ✅ After: use `unstable_url` for normalized routing logic and
`request.url`
  // for raw routing logic
export async function loader({ request, unstable_url }:
Route.LoaderArgs) {
    if (unstable_url.pathname === "/path") {
      // This will always have the `.data` suffix stripped
    }

    // And now you can distinguish between document versus data requests
    let isDataRequest = new URL(request.url).pathname.endsWith(".data");
  }
  ```

- Internal refactor to consolidate framework-agnostic/React-specific
route type layers - no public API changes
([#&#8203;14765](https://redirect.github.com/remix-run/react-router/pull/14765))

- Sync protocol validation to rsc flows
([#&#8203;14882](https://redirect.github.com/remix-run/react-router/pull/14882))

- Add a new `unstable_url: URL` parameter to route handler methods
(`loader`, `action`, `middleware`, etc.) representing the normalized URL
the application is navigating to or fetching, with React Router
implementation details removed (`.data`suffix, `index`/`_routes` query
params)
([#&#8203;14775](https://redirect.github.com/remix-run/react-router/pull/14775))

This is being added alongside the new
`future.unstable_passthroughRequests` future flag so that users still
have a way to access the normalized URL when that flag is enabled and
non-normalized `request`'s are being passed to your handlers. When
adopting this flag, you will only need to start leveraging this new
parameter if you are relying on the normalization of `request.url` in
your application code.

If you don't have the flag enabled, then `unstable_url` will match
`request.url`.

###
[`v7.13.1`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7131)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.13.0...react-router@7.13.1)

##### Patch Changes

- fix null reference exception in bad codepath leading to invalid route
tree comparisons
([#&#8203;14780](https://redirect.github.com/remix-run/react-router/pull/14780))

- fix: clear timeout when turbo-stream encoding completes
([#&#8203;14810](https://redirect.github.com/remix-run/react-router/pull/14810))

- Improve error message when Origin header is invalid
([#&#8203;14743](https://redirect.github.com/remix-run/react-router/pull/14743))

- Fix matchPath optional params matching without a "/" separator.
([#&#8203;14689](https://redirect.github.com/remix-run/react-router/pull/14689))
  - matchPath("/users/:id?", "/usersblah") now returns null.
- matchPath("/test\_route/:part?", "/test\_route\_more") now returns
null.

- add RSC unstable\_getRequest
([#&#8203;14758](https://redirect.github.com/remix-run/react-router/pull/14758))

- Fix `HydrateFallback` rendering during initial lazy route discovery
with matching splat route
([#&#8203;14740](https://redirect.github.com/remix-run/react-router/pull/14740))

- \[UNSTABLE] Add support for `<Link unstable_mask>` in Data Mode which
allows users to navigate to a URL in the router but "mask" the URL
displayed in the browser. This is useful for contextual routing usages
such as displaying an image in a model on top of a gallery, but
displaying a browser URL directly to the image that can be shared and
loaded without the contextual gallery in the background.
([#&#8203;14716](https://redirect.github.com/remix-run/react-router/pull/14716))

  ```tsx
  // routes/gallery.tsx
  export function clientLoader({ request }: Route.LoaderArgs) {
    let sp = new URL(request.url).searchParams;
    return {
      images: getImages(),
// When the router location has the image param, load the modal data
      modalImage: sp.has("image") ? getImage(sp.get("image")!) : null,
    };
  }

export default function Gallery({ loaderData }: Route.ComponentProps) {
    return (
      <>
        <GalleryGrid>
          {loaderData.images.map((image) => (
            <Link
              key={image.id}
              {/* Navigate the router to /galley?image=N */}}
              to={`/gallery?image=${image.id}`}
              {/* But display /images/N in the URL bar */}}
              unstable_mask={`/images/${image.id}`}
            >
              <img src={image.url} alt={image.alt} />
            </Link>
          ))}
        </GalleryGrid>

        {/* When the modal data exists, display the modal */}
        {data.modalImage ? (
          <dialog open>
            <img src={data.modalImage.url} alt={data.modalImage.alt} />
          </dialog>
        ) : null}
      </>
    );
  }
  ```

  Notes:

- The masked location, if present, will be available on
`useLocation().unstable_mask` so you can detect whether you are
currently masked or not.
- Masked URLs only work for SPA use cases, and will be removed from
`history.state` during SSR.
- This provides a first-class API to mask URLs in Data Mode to achieve
the same behavior you could do in Declarative Mode via [manual
`backgroundLocation`
management](https://redirect.github.com/remix-run/react-router/tree/main/examples/modal).

- RSC: Update failed origin checks to return a 400 status and
appropriate UI instead of a generic 500
([#&#8203;14755](https://redirect.github.com/remix-run/react-router/pull/14755))

- Preserve query parameters and hash on manifest version mismatch reload
([#&#8203;14813](https://redirect.github.com/remix-run/react-router/pull/14813))

###
[`v7.13.0`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7130)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.12.0...react-router@7.13.0)

##### Minor Changes

- Add `crossOrigin` prop to `Links` component
([#&#8203;14687](https://redirect.github.com/remix-run/react-router/pull/14687))

##### Patch Changes

- Fix double slash normalization for useNavigate colon urls
([#&#8203;14718](https://redirect.github.com/remix-run/react-router/pull/14718))
- Update failed origin checks to return a 400 status instead of a 500
([#&#8203;14737](https://redirect.github.com/remix-run/react-router/pull/14737))
- Bugfix
[#&#8203;14666](https://redirect.github.com/remix-run/react-router/issues/14666):
Inline criticalCss is missing nonce
([#&#8203;14691](https://redirect.github.com/remix-run/react-router/pull/14691))
- Loosen `allowedActionOrigins` glob check so `**` matches all domains
([#&#8203;14722](https://redirect.github.com/remix-run/react-router/pull/14722))

###
[`v7.12.0`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7120)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.11.0...react-router@7.12.0)

##### Minor Changes

- Add additional layer of CSRF protection by rejecting submissions to UI
routes from external origins. If you need to permit access to specific
external origins, you can specify them in the `react-router.config.ts`
config `allowedActionOrigins` field.
([#&#8203;14708](https://redirect.github.com/remix-run/react-router/pull/14708))

##### Patch Changes

- Fix `generatePath` when used with suffixed params (i.e.,
"/books/:id.json")
([#&#8203;14269](https://redirect.github.com/remix-run/react-router/pull/14269))

- Export `UNSAFE_createMemoryHistory` and `UNSAFE_createHashHistory`
alongside `UNSAFE_createBrowserHistory` for consistency. These are not
intended to be used for new apps but intended to help apps usiong
`unstable_HistoryRouter` migrate from v6->v7 so they can adopt the newer
APIs.
([#&#8203;14663](https://redirect.github.com/remix-run/react-router/pull/14663))

- Escape HTML in scroll restoration keys
([#&#8203;14705](https://redirect.github.com/remix-run/react-router/pull/14705))

- Validate redirect locations
([#&#8203;14706](https://redirect.github.com/remix-run/react-router/pull/14706))

- \[UNSTABLE] Pass `<Scripts nonce>` value through to the underlying
`importmap` `script` tag when using
`future.unstable_subResourceIntegrity`
([#&#8203;14675](https://redirect.github.com/remix-run/react-router/pull/14675))

- \[UNSTABLE] Add a new `future.unstable_trailingSlashAwareDataRequests`
flag to provide consistent behavior of `request.pathname` inside
`middleware`, `loader`, and `action` functions on document and data
requests when a trailing slash is present in the browser URL.
([#&#8203;14644](https://redirect.github.com/remix-run/react-router/pull/14644))

Currently, your HTTP and `request` pathnames would be as follows for
`/a/b/c` and `/a/b/c/`

  | URL `/a/b/c` | **HTTP pathname** | **`request` pathname\`** |
  | ------------ | ----------------- | ------------------------ |
  | **Document** | `/a/b/c`          | `/a/b/c` ✅               |
  | **Data**     | `/a/b/c.data`     | `/a/b/c` ✅               |

  | URL `/a/b/c/` | **HTTP pathname** | **`request` pathname\`** |
  | ------------- | ----------------- | ------------------------ |
  | **Document**  | `/a/b/c/`         | `/a/b/c/` ✅              |
  | **Data**      | `/a/b/c.data`     | `/a/b/c` ⚠️              |

With this flag enabled, these pathnames will be made consistent though a
new `_.data` format for client-side `.data` requests:

  | URL `/a/b/c` | **HTTP pathname** | **`request` pathname\`** |
  | ------------ | ----------------- | ------------------------ |
  | **Document** | `/a/b/c`          | `/a/b/c` ✅               |
  | **Data**     | `/a/b/c.data`     | `/a/b/c` ✅               |

  | URL `/a/b/c/` | **HTTP pathname**  | **`request` pathname\`** |
  | ------------- | ------------------ | ------------------------ |
  | **Document**  | `/a/b/c/`          | `/a/b/c/` ✅              |
  | **Data**      | `/a/b/c/_.data` ⬅️ | `/a/b/c/` ✅              |

This a bug fix but we are putting it behind an opt-in flag because it
has the potential to be a "breaking bug fix" if you are relying on the
URL format for any other application or caching logic.

Enabling this flag also changes the format of client side `.data`
requests from `/_root.data` to `/_.data` when navigating to `/` to align
with the new format. This does not impact the `request` pathname which
is still `/` in all cases.

- Preserve `clientLoader.hydrate=true` when using `<HydratedRouter
unstable_instrumentations>`
([#&#8203;14674](https://redirect.github.com/remix-run/react-router/pull/14674))

###
[`v7.11.0`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7110)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.10.1...react-router@7.11.0)

##### Minor Changes

- Stabilize `<HydratedRouter onError>`/`<RouterProvider onError>`
([#&#8203;14546](https://redirect.github.com/remix-run/react-router/pull/14546))

##### Patch Changes

- add support for throwing redirect Response's at RSC render time
([#&#8203;14596](https://redirect.github.com/remix-run/react-router/pull/14596))

- Support for throwing `data()` and Response from server component
render phase. Response body is not serialized as async work is not
allowed as error encoding phase. If you wish to transmit data to the
boundary, throw `data()` instead.
([#&#8203;14632](https://redirect.github.com/remix-run/react-router/pull/14632))

- Fix `unstable_useTransitions` prop on `<Router>` component to permit
omission for backewards compatibility
([#&#8203;14646](https://redirect.github.com/remix-run/react-router/pull/14646))

- `routeRSCServerRequest` replace `fetchServer` with `serverResponse`
([#&#8203;14597](https://redirect.github.com/remix-run/react-router/pull/14597))

- \[UNSTABLE] Add a new `unstable_defaultShouldRevalidate` flag to
various APIs to allow opt-ing out of standard revalidation behaviors.
([#&#8203;14542](https://redirect.github.com/remix-run/react-router/pull/14542))

If active routes include a `shouldRevalidate` function, then your value
will be passed as `defaultShouldRevalidate` in those function so that
the route always has the final revalidation determination.

  - `<Form method="post" unstable_defaultShouldRevalidate={false}>`
- `submit(data, { method: "post", unstable_defaultShouldRevalidate:
false })`
- `<fetcher.Form method="post"
unstable_defaultShouldRevalidate={false}>`
- `fetcher.submit(data, { method: "post",
unstable_defaultShouldRevalidate: false })`

This is also available on non-submission APIs that may trigger
revalidations due to changing search params:

  - `<Link to="/" unstable_defaultShouldRevalidate={false}>`
  - `navigate("/?foo=bar", { unstable_defaultShouldRevalidate: false })`
- `setSearchParams(params, { unstable_defaultShouldRevalidate: false })`

- Allow redirects to be returned from client side middleware
([#&#8203;14598](https://redirect.github.com/remix-run/react-router/pull/14598))

- Handle `dataStrategy` implementations that return insufficient result
sets by adding errors for routes without any available result
([#&#8203;14627](https://redirect.github.com/remix-run/react-router/pull/14627))

###
[`v7.10.1`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7101)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.10.0...react-router@7.10.1)

##### Patch Changes

- Update the `useOptimistic` stub we provide for React 18 users to use a
stable setter function to avoid potential `useEffect` loops -
specifically when using `<Link viewTransition>`
([#&#8203;14628](https://redirect.github.com/remix-run/react-router/pull/14628))

###
[`v7.10.0`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#7100)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.9.6...react-router@7.10.0)

##### Minor Changes

- Stabilize `fetcher.reset()`
([#&#8203;14545](https://redirect.github.com/remix-run/react-router/pull/14545))
- ⚠️ This is a breaking change if you have begun using
`fetcher.unstable_reset()`

- Stabilize the `dataStrategy`
`match.shouldRevalidateArgs`/`match.shouldCallHandler()` APIs.
([#&#8203;14592](https://redirect.github.com/remix-run/react-router/pull/14592))

- The `match.shouldLoad` API is now marked deprecated in favor of these
more powerful alternatives

- If you're using this API in a custom `dataStrategy` today, you can
swap to the new API at your convenience:

    ```tsx
    // Before
    const matchesToLoad = matches.filter((m) => m.shouldLoad);

    // After
    const matchesToLoad = matches.filter((m) => m.shouldCallHandler());
    ```

- `match.shouldRevalidateArgs` is the argument that will be passed to
the route `shouldRevaliate` function

- Combined with the parameter accepted by `match.shouldCallHandler`, you
can define a custom revalidation behavior for your `dataStrategy`:

  ```tsx
  const matchesToLoad = matches.filter((m) => {
    const defaultShouldRevalidate = customRevalidationBehavior(
      match.shouldRevalidateArgs,
    );
    return m.shouldCallHandler(defaultShouldRevalidate);
// The argument here will override the internal
`defaultShouldRevalidate` value
  });
  ```

##### Patch Changes

- Fix a Framework Mode bug where the `defaultShouldRevalidate` parameter
to `shouldRevalidate` would not be correct after `action` returned a
4xx/5xx response (`true` when it should have been `false`)
([#&#8203;14592](https://redirect.github.com/remix-run/react-router/pull/14592))
- If your `shouldRevalidate` function relied on that parameter, you may
have seen unintended revalidations

- Fix `fetcher.submit` failing with plain objects containing a `tagName`
property
([#&#8203;14534](https://redirect.github.com/remix-run/react-router/pull/14534))

- \[UNSTABLE] Add `unstable_pattern` to the parameters for client side
`unstable_onError`, refactor how it's called by `RouterProvider` to
avoid potential strict mode issues
([#&#8203;14573](https://redirect.github.com/remix-run/react-router/pull/14573))

- Add new `unstable_useTransitions` flag to routers to give users
control over the usage of
[`React.startTransition`](https://react.dev/reference/react/startTransition)
and
[`React.useOptimistic`](https://react.dev/reference/react/useOptimistic).
([#&#8203;14524](https://redirect.github.com/remix-run/react-router/pull/14524))
  - Framework Mode + Data Mode:
- `<HydratedRouter unstable_transition>`/`<RouterProvider
unstable_transition>`
    - When left unset (current default behavior)
      - Router state updates are wrapped in `React.startTransition`
- ⚠️ This can lead to buggy behaviors if you are wrapping your own
navigations/fetchers in `React.startTransition`
- You should set the flag to `true` if you run into this scenario to get
the enhanced `useOptimistic` behavior (requires React 19)
    - When set to `true`
- Router state updates remain wrapped in `React.startTransition` (as
they are without the flag)
- `Link`/`Form` navigations will be wrapped in `React.startTransition`
- A subset of router state info will be surfaced to the UI *during*
navigations via `React.useOptimistic` (i.e., `useNavigation()`,
`useFetchers()`, etc.)
- ⚠️ This is a React 19 API so you must also be React 19 to opt into
this flag for Framework/Data Mode
    - When set to `false`
- The router will not leverage `React.startTransition` or
`React.useOptimistic` on any navigations or state changes
  - Declarative Mode
    - `<BrowserRouter unstable_useTransitions>`
    - When left unset
      - Router state updates are wrapped in `React.startTransition`
    - When set to `true`
- Router state updates remain wrapped in `React.startTransition` (as
they are without the flag)
- `Link`/`Form` navigations will be wrapped in `React.startTransition`
    - When set to `false`
- the router will not leverage `React.startTransition` on any
navigations or state changes

- Fix the promise returned from `useNavigate` in Framework/Data Mode so
that it properly tracks the duration of `popstate` navigations (i.e.,
`navigate(-1)`)
([#&#8203;14524](https://redirect.github.com/remix-run/react-router/pull/14524))

- Fix internal type error in useRoute types that surfaces when
skipLibCheck is disabled
([#&#8203;14577](https://redirect.github.com/remix-run/react-router/pull/14577))

- Preserve `statusText` on the `ErrorResponse` instance when throwing
`data()` from a route handler
([#&#8203;14555](https://redirect.github.com/remix-run/react-router/pull/14555))

- Optimize href() to avoid backtracking regex on splat
([#&#8203;14329](https://redirect.github.com/remix-run/react-router/pull/14329))

###
[`v7.9.6`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#796)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.9.5...react-router@7.9.6)

##### Patch Changes

- \[UNSTABLE] Add `location`/`params` as arguments to client-side
`unstable_onError` to permit enhanced error reporting.
([#&#8203;14509](https://redirect.github.com/remix-run/react-router/pull/14509))

⚠️ This is a breaking change if you've already adopted
`unstable_onError`. The second `errorInfo` parameter is now an object
with `location` and `params`:

  ```tsx
  // Before
  function errorHandler(error: unknown, errorInfo?: React.errorInfo) {
    /*...*/
  }

  // After
  function errorHandler(
    error: unknown,
    info: {
      location: Location;
      params: Params;
      errorInfo?: React.ErrorInfo;
    },
  ) {
    /*...*/
  }
  ```

- Properly handle ancestor thrown middleware errors before `next()` on
fetcher submissions
([#&#8203;14517](https://redirect.github.com/remix-run/react-router/pull/14517))

- Fix issue with splat routes interfering with multiple calls to
patchRoutesOnNavigation
([#&#8203;14487](https://redirect.github.com/remix-run/react-router/pull/14487))

- Normalize double-slashes in `resolvePath`
([#&#8203;14529](https://redirect.github.com/remix-run/react-router/pull/14529))

###
[`v7.9.5`](https://redirect.github.com/remix-run/react-router/blob/HEAD/packages/react-router/CHANGELOG.md#795)

[Compare
Source](https://redirect.github.com/remix-run/react-router/compare/react-router@7.9.4...react-router@7.9.5)

##### Patch Changes

- Move RSCHydratedRouter and utils to `/dom` export.
([#&#8203;14457](https://redirect.github.com/remix-run/react-router/pull/14457))

- useRoute: return type-safe `handle`
([#&#8203;14462](https://redirect.github.com/remix-run/react-router/pull/14462))

  For example:

  ```ts
  // app/routes/admin.tsx
  const handle = { hello: "world" };
  ```

  ```ts
  // app/routes/some-other-route.tsx
  export default function Component() {
    const admin = useRoute("routes/admin");
    if (!admin) throw new Error("Not nested within 'routes/admin'");
    console.log(admin.handle);
    //                ^? { hello: string }
  }
  ```

- Ensure action handlers run for routes with middleware even if no
loader is present
([#&#8203;14443](https://redirect.github.com/remix-run/react-router/pull/14443))

- Add `unstable_instrumentations` API to allow users to add observablity
to their apps by instrumenting route loaders, actions, middlewares,
lazy, as well as server-side request handlers and client side
navigations/fetches
([#&#8203;14412](https://redirect.github.com/remix-run/react-router/pull/14412))

  - Framework Mode:
- `entry.server.tsx`: `export const unstable_instrumentations = [...]`
- `entry.client.tsx`: `<HydratedRouter unstable_instrumentations={[...]}
/>`
  - Data Mode
- `createBrowserRouter(routes, { unstable_instrumentations: [...] })`

This also adds a new `unstable_pattern` parameter to
loaders/actions/middleware which contains the un-interpolated route
pattern (i.e., `/blog/:slug`) which is useful for aggregating
performance metrics by route

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00
AM and 12:59 PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 apps/admin-x-framework/package.json | 2 +-
 yarn.lock                           | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/admin-x-framework/package.json b/apps/admin-x-framework/package.json
index e2d0b9131df..7486a8b053c 100644
--- a/apps/admin-x-framework/package.json
+++ b/apps/admin-x-framework/package.json
@@ -98,7 +98,7 @@
         "@tryghost/shade": "0.0.0",
         "react": "18.3.1",
         "react-dom": "18.3.1",
-        "react-router": "7.9.4"
+        "react-router": "7.14.0"
     },
     "peerDependencies": {
         "react": "^18.2.0",
diff --git a/yarn.lock b/yarn.lock
index 1fbaa3c458f..2135bec51ef 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -30794,10 +30794,10 @@ react-remove-scroll@^2.6.3:
     use-callback-ref "^1.3.3"
     use-sidecar "^1.1.3"
 
-react-router@7.9.4:
-  version "7.9.4"
-  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.9.4.tgz#2c4249e5d0a6bb8b8f6bf0ede8f5077e4ff8024f"
-  integrity sha512-SD3G8HKviFHg9xj7dNODUKDFgpG4xqD5nhyd0mYoB5iISepuZAvzSr8ywxgxKJ52yRzf/HWtVHc9AWwoTbljvA==
+react-router@7.14.0:
+  version "7.14.0"
+  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.14.0.tgz#33169c9ac03b298bb51aad13e038ba548c79a862"
+  integrity sha512-m/xR9N4LQLmAS0ZhkY2nkPA1N7gQ5TUVa5n8TgANuDTARbn1gt+zLPXEm7W0XDTbrQ2AJSJKhoa6yx1D8BcpxQ==
   dependencies:
     cookie "^1.0.1"
     set-cookie-parser "^2.6.0"

From 6173732cf69df80fdc7d8dce4d05a2c9def54659 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 14:18:29 +0100
Subject: [PATCH 08/12] Update dependency vite to v5.4.21 [SECURITY] (#27155)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`5.4.20` →
`5.4.21`](https://renovatebot.com/diffs/npm/vite/5.4.20/5.4.21) |
![age](https://developer.mend.io/api/mc/badges/age/npm/vite/5.4.21?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite/5.4.20/5.4.21?slim=true)
|

### GitHub Vulnerability Alerts

####
[CVE-2025-62522](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-93m4-6634-74q7)

### Summary
Files denied by
[`server.fs.deny`](https://vitejs.dev/config/server-options.html#server-fs-deny)
were sent if the URL ended with `\` when the dev server is running on
Windows.

### Impact
Only apps that match the following conditions are affected:

- explicitly exposes the Vite dev server to the network (using --host or
[`server.host` config
option](https://vitejs.dev/config/server-options.html#server-host))
- running the dev server on Windows

### Details
`server.fs.deny` can contain patterns matching against files (by default
it includes `.env`, `.env.*`, `*.{crt,pem}` as such patterns). These
patterns were able to bypass by using a back slash(`\`). The root cause
is that `fs.readFile('/foo.png/')` loads `/foo.png`.

### PoC
```shell
npm create vite@latest
cd vite-project/
cat "secret" > .env
npm install
npm run dev
curl --request-target /.env\ http://localhost:5173
```
<img width="1593" height="616" alt="image"
src="https://github.com/user-attachments/assets/36212f4e-1d3c-4686-b16f-16b35ca9e175"
/>

---

### Release Notes

<details>
<summary>vitejs/vite (vite)</summary>

###
[`v5.4.21`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.21)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.20...v5.4.21)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
for details.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone Etc/UTC, Automerge -
Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00 AM and 12:59
PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
---
 apps/activitypub/package.json           | 2 +-
 apps/admin-x-design-system/package.json | 2 +-
 apps/admin-x-framework/package.json     | 2 +-
 apps/admin-x-settings/package.json      | 2 +-
 apps/announcement-bar/package.json      | 4 ++--
 apps/comments-ui/package.json           | 4 ++--
 apps/portal/package.json                | 4 ++--
 apps/posts/package.json                 | 2 +-
 apps/shade/package.json                 | 2 +-
 apps/signup-form/package.json           | 4 ++--
 apps/sodo-search/package.json           | 4 ++--
 apps/stats/package.json                 | 2 +-
 yarn.lock                               | 8 ++++----
 13 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/apps/activitypub/package.json b/apps/activitypub/package.json
index 101a6eed695..bafa78b2e2e 100644
--- a/apps/activitypub/package.json
+++ b/apps/activitypub/package.json
@@ -37,7 +37,7 @@
     "@types/react-dom": "18.3.7",
     "jest": "29.7.0",
     "ts-jest": "29.4.9",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vitest": "1.6.1"
   },
   "nx": {
diff --git a/apps/admin-x-design-system/package.json b/apps/admin-x-design-system/package.json
index 64ddd0cc088..59199fb7ab8 100644
--- a/apps/admin-x-design-system/package.json
+++ b/apps/admin-x-design-system/package.json
@@ -59,7 +59,7 @@
         "tailwindcss": "^4",
         "typescript": "5.8.3",
         "validator": "13.12.0",
-        "vite": "5.4.20",
+        "vite": "5.4.21",
         "vite-plugin-svgr": "3.3.0",
         "vitest": "1.6.1"
     },
diff --git a/apps/admin-x-framework/package.json b/apps/admin-x-framework/package.json
index 7486a8b053c..85d6e3df67d 100644
--- a/apps/admin-x-framework/package.json
+++ b/apps/admin-x-framework/package.json
@@ -85,7 +85,7 @@
         "jsdom": "28.1.0",
         "sinon": "18.0.1",
         "typescript": "5.8.3",
-        "vite": "5.4.20",
+        "vite": "5.4.21",
         "vite-plugin-css-injected-by-js": "3.5.2",
         "vite-plugin-svgr": "3.3.0",
         "vitest": "1.6.1"
diff --git a/apps/admin-x-settings/package.json b/apps/admin-x-settings/package.json
index 85fc5384286..91281fb1466 100644
--- a/apps/admin-x-settings/package.json
+++ b/apps/admin-x-settings/package.json
@@ -65,7 +65,7 @@
     "eslint-plugin-react-refresh": "0.4.24",
     "eslint-plugin-tailwindcss": "4.0.0-beta.0",
     "stylelint": "15.11.0",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-css-injected-by-js": "3.5.2",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "1.6.1"
diff --git a/apps/announcement-bar/package.json b/apps/announcement-bar/package.json
index 335e00b99c7..c4a13f29b38 100644
--- a/apps/announcement-bar/package.json
+++ b/apps/announcement-bar/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/announcement-bar",
-  "version": "1.1.13",
+  "version": "1.1.14",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
@@ -82,7 +82,7 @@
   "devDependencies": {
     "@vitejs/plugin-react": "4.7.0",
     "jsdom": "28.1.0",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "1.6.1"
   }
diff --git a/apps/comments-ui/package.json b/apps/comments-ui/package.json
index d72794f63c7..2dedcb9452e 100644
--- a/apps/comments-ui/package.json
+++ b/apps/comments-ui/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/comments-ui",
-  "version": "1.4.1",
+  "version": "1.4.2",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
@@ -77,7 +77,7 @@
     "moment": "2.30.1",
     "postcss": "8.5.6",
     "tailwindcss": "3.4.18",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-css-injected-by-js": "3.5.2",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "1.6.1"
diff --git a/apps/portal/package.json b/apps/portal/package.json
index 735345d9c7b..72202075897 100644
--- a/apps/portal/package.json
+++ b/apps/portal/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/portal",
-  "version": "2.67.7",
+  "version": "2.67.8",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
@@ -125,7 +125,7 @@
     "jsdom": "28.1.0",
     "react": "17.0.2",
     "react-dom": "17.0.2",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-css-injected-by-js": "3.5.2",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "3.2.4"
diff --git a/apps/posts/package.json b/apps/posts/package.json
index 3de54d5c3ae..b3021bf6dbe 100644
--- a/apps/posts/package.json
+++ b/apps/posts/package.json
@@ -35,7 +35,7 @@
         "@types/jest": "29.5.14",
         "@types/react": "18.3.26",
         "msw": "2.11.5",
-        "vite": "5.4.20",
+        "vite": "5.4.21",
         "vitest": "1.6.1"
     },
     "dependencies": {
diff --git a/apps/shade/package.json b/apps/shade/package.json
index a6ba88499e7..8e78258944d 100644
--- a/apps/shade/package.json
+++ b/apps/shade/package.json
@@ -100,7 +100,7 @@
         "tailwindcss": "4.2.1",
         "tw-animate-css": "1.4.0",
         "typescript": "5.8.3",
-        "vite": "5.4.20",
+        "vite": "5.4.21",
         "vite-plugin-svgr": "3.3.0",
         "vitest": "1.6.1"
     },
diff --git a/apps/signup-form/package.json b/apps/signup-form/package.json
index 68bad68f90b..136988d67e2 100644
--- a/apps/signup-form/package.json
+++ b/apps/signup-form/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/signup-form",
-  "version": "0.3.9",
+  "version": "0.3.10",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
@@ -62,7 +62,7 @@
     "storybook": "8.6.14",
     "stylelint": "15.11.0",
     "tailwindcss": "3.4.18",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "1.6.1"
   }
diff --git a/apps/sodo-search/package.json b/apps/sodo-search/package.json
index f0438553af1..fa77de47d2d 100644
--- a/apps/sodo-search/package.json
+++ b/apps/sodo-search/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@tryghost/sodo-search",
-  "version": "1.8.7",
+  "version": "1.8.8",
   "license": "MIT",
   "repository": "https://github.com/TryGhost/Ghost",
   "author": "Ghost Foundation",
@@ -99,7 +99,7 @@
     "jsdom": "28.1.0",
     "nock": "13.5.6",
     "tailwindcss": "3.4.18",
-    "vite": "5.4.20",
+    "vite": "5.4.21",
     "vite-plugin-svgr": "3.3.0",
     "vitest": "1.6.1"
   }
diff --git a/apps/stats/package.json b/apps/stats/package.json
index 999703768ce..bc7da5dc64b 100644
--- a/apps/stats/package.json
+++ b/apps/stats/package.json
@@ -44,7 +44,7 @@
         "@vitejs/plugin-react": "4.7.0",
         "dotenv": "17.3.1",
         "msw": "2.11.5",
-        "vite": "5.4.20",
+        "vite": "5.4.21",
         "vite-plugin-svgr": "4.5.0",
         "vitest": "1.6.1"
     },
diff --git a/yarn.lock b/yarn.lock
index 2135bec51ef..b92e68e8c54 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -35454,10 +35454,10 @@ vite-tsconfig-paths@5.1.4:
     globrex "^0.1.2"
     tsconfck "^3.0.3"
 
-vite@5.4.20, vite@^5.0.0:
-  version "5.4.20"
-  resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.20.tgz#3267a5e03f21212f44edfd72758138e8fcecd76a"
-  integrity sha512-j3lYzGC3P+B5Yfy/pfKNgVEg4+UtcIJcVRt2cDjIOmhLourAqPqf8P7acgxeiSgUB7E3p2P8/3gNIgDLpwzs4g==
+vite@5.4.21, vite@^5.0.0:
+  version "5.4.21"
+  resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.21.tgz#84a4f7c5d860b071676d39ba513c0d598fdc7027"
+  integrity sha512-o5a9xKjbtuhY6Bi5S3+HvbRERmouabWbyUcpXXUA1u+GNUKoROi9byOJ8M0nHbHYHkYICiMlqxkg1KkYmm25Sw==
   dependencies:
     esbuild "^0.21.3"
     postcss "^8.4.43"

From 4501e4d8cb0ca71bdb527c840063848492a464fa Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 14:20:15 +0100
Subject: [PATCH 09/12] Update Types packages (#27149)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@types/dockerode](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/dockerode)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dockerode))
| [`3.3.44` →
`3.3.47`](https://renovatebot.com/diffs/npm/@types%2fdockerode/3.3.44/3.3.47)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fdockerode/3.3.47?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fdockerode/3.3.44/3.3.47?slim=true)
|
|
[@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node))
| [`22.18.10` →
`22.19.16`](https://renovatebot.com/diffs/npm/@types%2fnode/22.18.10/22.19.16)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/22.19.16?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/22.18.10/22.19.16?slim=true)
|
|
[@types/nodemailer](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/nodemailer)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer))
| [`6.4.20` →
`6.4.23`](https://renovatebot.com/diffs/npm/@types%2fnodemailer/6.4.20/6.4.23)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnodemailer/6.4.23?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnodemailer/6.4.20/6.4.23?slim=true)
|
|
[@types/react](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/react)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react))
| [`18.3.26` →
`18.3.28`](https://renovatebot.com/diffs/npm/@types%2freact/18.3.26/18.3.28)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2freact/18.3.28?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2freact/18.3.26/18.3.28?slim=true)
|
|
[@types/validator](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/validator)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/validator))
| [`13.15.3` →
`13.15.10`](https://renovatebot.com/diffs/npm/@types%2fvalidator/13.15.3/13.15.10)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fvalidator/13.15.10?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fvalidator/13.15.3/13.15.10?slim=true)
|

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00
AM and 12:59 PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
---
 apps/activitypub/package.json       |  2 +-
 apps/admin-x-framework/package.json |  2 +-
 apps/admin-x-settings/package.json  |  4 +--
 apps/admin/package.json             |  2 +-
 apps/posts/package.json             |  2 +-
 apps/shade/package.json             |  2 +-
 apps/signup-form/package.json       |  2 +-
 apps/stats/package.json             |  2 +-
 e2e/package.json                    |  2 +-
 ghost/core/package.json             |  4 +--
 yarn.lock                           | 53 ++++++++++++++---------------
 11 files changed, 38 insertions(+), 39 deletions(-)

diff --git a/apps/activitypub/package.json b/apps/activitypub/package.json
index bafa78b2e2e..5cf33248c93 100644
--- a/apps/activitypub/package.json
+++ b/apps/activitypub/package.json
@@ -33,7 +33,7 @@
     "@testing-library/react": "14.3.1",
     "@types/dompurify": "3.2.0",
     "@types/jest": "29.5.14",
-    "@types/react": "18.3.26",
+    "@types/react": "18.3.28",
     "@types/react-dom": "18.3.7",
     "jest": "29.7.0",
     "ts-jest": "29.4.9",
diff --git a/apps/admin-x-framework/package.json b/apps/admin-x-framework/package.json
index 85d6e3df67d..70e2241be35 100644
--- a/apps/admin-x-framework/package.json
+++ b/apps/admin-x-framework/package.json
@@ -76,7 +76,7 @@
     "devDependencies": {
         "@testing-library/jest-dom": "5.17.0",
         "@testing-library/react": "14.3.1",
-        "@types/react": "18.3.26",
+        "@types/react": "18.3.28",
         "@types/react-dom": "18.3.7",
         "@vitejs/plugin-react": "4.7.0",
         "c8": "10.1.3",
diff --git a/apps/admin-x-settings/package.json b/apps/admin-x-settings/package.json
index 91281fb1466..1601cd829b6 100644
--- a/apps/admin-x-settings/package.json
+++ b/apps/admin-x-settings/package.json
@@ -57,9 +57,9 @@
     "@tryghost/admin-x-framework": "0.0.0",
     "@tryghost/custom-fonts": "1.0.2",
     "@tryghost/shade": "0.0.0",
-    "@types/react": "18.3.26",
+    "@types/react": "18.3.28",
     "@types/react-dom": "18.3.7",
-    "@types/validator": "13.15.3",
+    "@types/validator": "13.15.10",
     "@vitejs/plugin-react": "4.7.0",
     "eslint-plugin-react-hooks": "4.6.2",
     "eslint-plugin-react-refresh": "0.4.24",
diff --git a/apps/admin/package.json b/apps/admin/package.json
index d7e7d4fcd6a..c85715ef5b4 100644
--- a/apps/admin/package.json
+++ b/apps/admin/package.json
@@ -26,7 +26,7 @@
   "devDependencies": {
     "@eslint/js": "9.37.0",
     "@testing-library/react": "14.3.1",
-    "@types/react": "18.3.26",
+    "@types/react": "18.3.28",
     "@types/react-dom": "18.3.7",
     "@vitejs/plugin-react-swc": "4.1.0",
     "eslint": "9.37.0",
diff --git a/apps/posts/package.json b/apps/posts/package.json
index b3021bf6dbe..6faf94ed733 100644
--- a/apps/posts/package.json
+++ b/apps/posts/package.json
@@ -33,7 +33,7 @@
         "@tanstack/react-virtual": "3.13.23",
         "@testing-library/react": "14.3.1",
         "@types/jest": "29.5.14",
-        "@types/react": "18.3.26",
+        "@types/react": "18.3.28",
         "msw": "2.11.5",
         "vite": "5.4.21",
         "vitest": "1.6.1"
diff --git a/apps/shade/package.json b/apps/shade/package.json
index 8e78258944d..e7e33a937fc 100644
--- a/apps/shade/package.json
+++ b/apps/shade/package.json
@@ -82,7 +82,7 @@
         "@testing-library/react": "14.3.1",
         "@testing-library/react-hooks": "8.0.1",
         "@types/lodash-es": "4.17.12",
-        "@types/node": "22.18.10",
+        "@types/node": "22.19.16",
         "@types/react-world-flags": "1.6.0",
         "@vitejs/plugin-react": "4.7.0",
         "c8": "10.1.3",
diff --git a/apps/signup-form/package.json b/apps/signup-form/package.json
index 136988d67e2..5dd095d5b8e 100644
--- a/apps/signup-form/package.json
+++ b/apps/signup-form/package.json
@@ -46,7 +46,7 @@
     "@storybook/testing-library": "0.2.2",
     "@tailwindcss/line-clamp": "0.4.4",
     "@tryghost/i18n": "0.0.0",
-    "@types/react": "18.3.26",
+    "@types/react": "18.3.28",
     "@types/react-dom": "18.3.7",
     "@vitejs/plugin-react": "4.7.0",
     "autoprefixer": "10.4.21",
diff --git a/apps/stats/package.json b/apps/stats/package.json
index bc7da5dc64b..ed160af0d4d 100644
--- a/apps/stats/package.json
+++ b/apps/stats/package.json
@@ -39,7 +39,7 @@
         "@testing-library/jest-dom": "5.17.0",
         "@testing-library/react": "14.3.1",
         "@types/jest": "29.5.14",
-        "@types/react": "18.3.26",
+        "@types/react": "18.3.28",
         "@types/react-svg-map": "2.1.4",
         "@vitejs/plugin-react": "4.7.0",
         "dotenv": "17.3.1",
diff --git a/e2e/package.json b/e2e/package.json
index bfd5bf5b30f..c30360d45d4 100644
--- a/e2e/package.json
+++ b/e2e/package.json
@@ -34,7 +34,7 @@
     "@playwright/test": "1.58.2",
     "@tryghost/debug": "0.1.35",
     "@tryghost/logging": "2.4.23",
-    "@types/dockerode": "3.3.44",
+    "@types/dockerode": "3.3.47",
     "typescript-eslint": "8.58.0",
     "c8": "10.1.3",
     "dockerode": "4.0.9",
diff --git a/ghost/core/package.json b/ghost/core/package.json
index 7778301f8b4..e295295163d 100644
--- a/ghost/core/package.json
+++ b/ghost/core/package.json
@@ -234,9 +234,9 @@
     "@types/common-tags": "1.8.4",
     "@types/jsonwebtoken": "9.0.10",
     "@types/mime-types": "3.0.1",
-    "@types/node": "22.18.10",
+    "@types/node": "22.19.16",
     "@types/node-jose": "1.1.13",
-    "@types/nodemailer": "6.4.20",
+    "@types/nodemailer": "6.4.23",
     "@types/sinon": "17.0.4",
     "@types/supertest": "6.0.3",
     "c8": "10.1.3",
diff --git a/yarn.lock b/yarn.lock
index b92e68e8c54..15cf7ad2fdc 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -224,7 +224,7 @@
     "@smithy/util-waiter" "^4.2.14"
     tslib "^2.6.2"
 
-"@aws-sdk/client-ses@^3.31.0", "@aws-sdk/client-ses@^3.731.1":
+"@aws-sdk/client-ses@^3.31.0":
   version "3.864.0"
   resolved "https://registry.yarnpkg.com/@aws-sdk/client-ses/-/client-ses-3.864.0.tgz#7063e59a42919065fbb24f080b0979b41a4da6fd"
   integrity sha512-cmsOrJZsrNa892gD2cAsbVkweDulgmC8PE38cz//bM//1BW/R1MMFClapF+Q9gACtsRVTRBXNtsIsBq8Gm1Urw==
@@ -10517,10 +10517,10 @@
     "@types/node" "*"
     "@types/ssh2" "*"
 
-"@types/dockerode@3.3.44":
-  version "3.3.44"
-  resolved "https://registry.yarnpkg.com/@types/dockerode/-/dockerode-3.3.44.tgz#1e6d5b291646820e9daabfa132cdb33c9d535b56"
-  integrity sha512-fUpIHlsbYpxAJb285xx3vp7q5wf5mjqSn3cYwl/MhiM+DB99OdO5sOCPlO0PjO+TyOtphPs7tMVLU/RtOo/JjA==
+"@types/dockerode@3.3.47":
+  version "3.3.47"
+  resolved "https://registry.yarnpkg.com/@types/dockerode/-/dockerode-3.3.47.tgz#cf8c6b4efcd0bb28b0e6009e613e7faab1b96e75"
+  integrity sha512-ShM1mz7rCjdssXt7Xz0u1/R2BJC7piWa3SJpUBiVjCf2A3XNn4cP6pUVaD8bLanpPVVn4IKzJuw3dOvkJ8IbYw==
   dependencies:
     "@types/docker-modem" "*"
     "@types/node" "*"
@@ -10779,10 +10779,10 @@
   dependencies:
     undici-types "~7.10.0"
 
-"@types/node@22.18.10":
-  version "22.18.10"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.18.10.tgz#37f0ac8d2ec41af7bba06f162c85ff409e4e3420"
-  integrity sha512-anNG/V/Efn/YZY4pRzbACnKxNKoBng2VTFydVu8RRs5hQjikP8CQfaeAV59VFSCzKNp90mXiVXW2QzV56rwMrg==
+"@types/node@22.19.16":
+  version "22.19.16"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.19.16.tgz#b574ab601777831f41003d5c1976dd2c2749e75b"
+  integrity sha512-K6csxIjY+9RoDxdP6/wzaJzXaCf4znBz0/y0rrQDsbqmzQ5QFsOjubbsYWZhj6ZCgz3mjlyDZS+EJkhA9jWl9Q==
   dependencies:
     undici-types "~6.21.0"
 
@@ -10798,12 +10798,11 @@
   resolved "https://registry.yarnpkg.com/@types/node/-/node-9.6.61.tgz#29f124eddd41c4c74281bd0b455d689109fc2a2d"
   integrity sha512-/aKAdg5c8n468cYLy2eQrcR5k6chlbNwZNGUj3TboyPa2hcO2QAJcfymlqPzMiRj8B6nYKXjzQz36minFE0RwQ==
 
-"@types/nodemailer@6.4.20":
-  version "6.4.20"
-  resolved "https://registry.yarnpkg.com/@types/nodemailer/-/nodemailer-6.4.20.tgz#f597b5f3848f498d259353de41af71a39373765d"
-  integrity sha512-uj83z0GqwqMUE6RI4EKptPlav0FYE6vpIlqJAnxzu+/sSezRdbH69rSBCMsdW6DdsCAzoFQZ52c2UIlhRVQYDA==
+"@types/nodemailer@6.4.23":
+  version "6.4.23"
+  resolved "https://registry.yarnpkg.com/@types/nodemailer/-/nodemailer-6.4.23.tgz#2d6048342b66b804ae0c1e75b756321a2be043e2"
+  integrity sha512-aFV3/NsYFLSx9mbb5gtirBSXJnAlrusoKNuPbxsASWc7vrKLmIrTQRpdcxNcSFL3VW2A2XpeLEavwb2qMi6nlQ==
   dependencies:
-    "@aws-sdk/client-ses" "^3.731.1"
     "@types/node" "*"
 
 "@types/normalize-package-data@^2.4.0":
@@ -10895,13 +10894,13 @@
   dependencies:
     "@types/react" "*"
 
-"@types/react@*", "@types/react@18.3.26":
-  version "18.3.26"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.3.26.tgz#4c5970878d30db3d2a0bca1e4eb5f258e391bbeb"
-  integrity sha512-RFA/bURkcKzx/X9oumPG9Vp3D3JUgus/d0b67KB0t5S/raciymilkOa66olh78MUI92QLbEJevO7rvqU/kjwKA==
+"@types/react@*", "@types/react@18.3.28":
+  version "18.3.28"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.3.28.tgz#0a85b1a7243b4258d9f626f43797ba18eb5f8781"
+  integrity sha512-z9VXpC7MWrhfWipitjNdgCauoMLRdIILQsAEV+ZesIzBq/oUlxk0m3ApZuMFCXdnS4U7KrI+l3WRUEGQ8K1QKw==
   dependencies:
     "@types/prop-types" "*"
-    csstype "^3.0.2"
+    csstype "^3.2.2"
 
 "@types/react@^17":
   version "17.0.53"
@@ -11031,10 +11030,10 @@
   resolved "https://registry.yarnpkg.com/@types/uuid/-/uuid-9.0.7.tgz#b14cebc75455eeeb160d5fe23c2fcc0c64f724d8"
   integrity sha512-WUtIVRUZ9i5dYXefDEAI7sh9/O7jGvHg7Df/5O/gtH3Yabe5odI3UWopVR1qbPXQtvOxWu3mM4XxlYeZtMWF4g==
 
-"@types/validator@13.15.3":
-  version "13.15.3"
-  resolved "https://registry.yarnpkg.com/@types/validator/-/validator-13.15.3.tgz#67e8aeacbace03517f9bd3f99e750bb666207ff4"
-  integrity sha512-7bcUmDyS6PN3EuD9SlGGOxM77F8WLVsrwkxyWxKnxzmXoequ6c7741QBrANq6htVRGOITJ7z72mTP6Z4XyuG+Q==
+"@types/validator@13.15.10":
+  version "13.15.10"
+  resolved "https://registry.yarnpkg.com/@types/validator/-/validator-13.15.10.tgz#742b77ec34d58554b94a76a14cef30d59e3c16b9"
+  integrity sha512-T8L6i7wCuyoK8A/ZeLYt1+q0ty3Zb9+qbSSvrIVitzT3YjZqkTZ40IbRsPanlB4h1QB3JVL1SYCdR6ngtFYcuA==
 
 "@types/yargs-parser@*":
   version "21.0.0"
@@ -16803,10 +16802,10 @@ cssstyle@^6.0.1:
     css-tree "^3.1.0"
     lru-cache "^11.2.6"
 
-csstype@^3.0.2, csstype@^3.1.3:
-  version "3.1.3"
-  resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.3.tgz#d80ff294d114fb0e6ac500fbf85b60137d7eff81"
-  integrity sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==
+csstype@^3.0.2, csstype@^3.1.3, csstype@^3.2.2:
+  version "3.2.3"
+  resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.2.3.tgz#ec48c0f3e993e50648c86da559e2610995cf989a"
+  integrity sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==
 
 csv-writer@1.6.0:
   version "1.6.0"

From 17492ed6ebc56781ed154528c2778ab570703a79 Mon Sep 17 00:00:00 2001
From: Hannah Wolfe <github.erisds@gmail.com>
Date: Mon, 6 Apr 2026 14:31:37 +0100
Subject: [PATCH 10/12] Improved dependency inspector summary output (#27167)

- added yarn audit output to give more visibility to security issues
- moved the summary to the end, and added dates/commit to make it easier to tie the state back to a reference and time
- this tool is transient, we don't need to reimplement it if we switch away from yarn, it's just helpful when trying to identify which deps to target first.
---
 .github/scripts/dependency-inspector.js | 87 ++++++++++++++++++++++---
 1 file changed, 77 insertions(+), 10 deletions(-)

diff --git a/.github/scripts/dependency-inspector.js b/.github/scripts/dependency-inspector.js
index a1d2b5ed6ab..40a40199cc0 100755
--- a/.github/scripts/dependency-inspector.js
+++ b/.github/scripts/dependency-inspector.js
@@ -484,16 +484,6 @@ With a severity flag, shows all packages with that update type.
   displayResults(results) {
     console.log('\n🎯 DEPENDENCY ANALYSIS RESULTS\n');
 
-    // Summary
-    console.log('📈 SUMMARY:');
-    console.log(`   Total dependencies: ${this.directDeps.size}`);
-    console.log(`   Total outdated: ${results.stats.total}`);
-    console.log(`   Major updates: ${results.stats.major}`);
-    console.log(`   Minor updates: ${results.stats.minor}`);
-    console.log(`   Patch updates: ${results.stats.patch}`);
-    console.log(`   Direct deps: ${results.direct.length}`);
-    console.log(`   Transitive deps: ${results.transitive.length}\n`);
-
     // If filtering by severity, show filtered results
     if (this.filterSeverity) {
       this.displayFilteredResults(results);
@@ -595,6 +585,82 @@ With a severity flag, shows all packages with that update type.
       }
       console.log('');
     }
+
+    const generatedAt = new Date().toISOString();
+    const latestCommit = this.getLatestCommitRef();
+
+    // Summary at the end
+    console.log('📈 SUMMARY:');
+    console.log(`   Generated at: ${generatedAt}`);
+    console.log(`   Latest commit: ${latestCommit}`);
+    console.log(`   Total dependencies: ${this.directDeps.size}`);
+    console.log(`   Total outdated: ${results.stats.total}`);
+    console.log(`   Major updates: ${results.stats.major}`);
+    console.log(`   Minor updates: ${results.stats.minor}`);
+    console.log(`   Patch updates: ${results.stats.patch}`);
+    console.log(`   Direct deps: ${results.direct.length}`);
+    console.log(`   Transitive deps: ${results.transitive.length}\n`);
+  }
+
+  /**
+   * Get the latest commit reference for the current checkout
+   */
+  getLatestCommitRef() {
+    try {
+      return execSync("git log -1 --format='%h %ad %s' --date=iso-strict", {
+        encoding: 'utf8'
+      }).trim();
+    } catch (error) {
+      return 'Unavailable';
+    }
+  }
+
+  /**
+   * Run yarn audit and display a vulnerability summary
+   */
+  displayAuditSummary() {
+    console.log('🔒 SECURITY AUDIT:\n');
+
+    try {
+      let stdout = '';
+      try {
+        stdout = execSync('yarn audit --json 2>/dev/null', {
+          encoding: 'utf8',
+          maxBuffer: 10 * 1024 * 1024
+        });
+      } catch (error) {
+        // yarn audit exits with non-zero when vulnerabilities are found
+        stdout = error.stdout || '';
+      }
+
+      // Find the auditSummary line
+      const lines = stdout.trim().split('\n');
+      for (const line of lines) {
+        try {
+          const data = JSON.parse(line);
+          if (data.type === 'auditSummary' && data.data && data.data.vulnerabilities) {
+            const v = data.data.vulnerabilities;
+            const total = v.info + v.low + v.moderate + v.high + v.critical;
+            console.log(`   Total vulnerabilities: ${total}`);
+            console.log(`   🔴 Critical: ${v.critical}`);
+            console.log(`   🟠 High:     ${v.high}`);
+            console.log(`   🟡 Moderate: ${v.moderate}`);
+            console.log(`   🟢 Low:      ${v.low}`);
+            if (v.info > 0) {
+              console.log(`   ℹ️  Info:     ${v.info}`);
+            }
+            console.log(`   Total dependencies scanned: ${data.data.totalDependencies}\n`);
+            return;
+          }
+        } catch (e) {
+          // Skip non-JSON lines
+        }
+      }
+
+      console.log('   ⚠️  Could not parse audit summary\n');
+    } catch (error) {
+      console.log(`   ⚠️  Audit failed: ${error.message}\n`);
+    }
   }
 
     async run() {
@@ -615,6 +681,7 @@ With a severity flag, shows all packages with that update type.
 
       const results = this.processOutdatedPackages(outdatedData);
       this.displayResults(results);
+      this.displayAuditSummary();
 
     } catch (error) {
       console.error('❌ Error:', error.message);

From 5102f8d600c9ca12d2c66ef32b21615e79407b1c Mon Sep 17 00:00:00 2001
From: Weyland Swart <49831538+weylandswart@users.noreply.github.com>
Date: Mon, 6 Apr 2026 15:57:23 +0100
Subject: [PATCH 11/12] Fixed inconsistent spacing in editor buttons (#27178)

Closes
https://linear.app/ghost/issue/DES-1337/right-side-buttons-have-inconsistent-spacing

The left and right side button groups in posts used inconsistent spacing
between the buttons.

| Before | After |
|--------|--------|
| <img width="298" height="192" alt="Screenshot 2026-04-06 at 15 29 55"
src="https://github.com/user-attachments/assets/8f595ccf-7439-4fe6-9790-1e9b6b231528"
/> | <img width="300" height="198" alt="Screenshot 2026-04-06 at 15 29
20"
src="https://github.com/user-attachments/assets/baa96bbb-d9f4-4c69-8f05-199a19ea4c94"
/>
---
 ghost/admin/app/styles/layouts/editor.css    | 10 +---------
 ghost/admin/app/templates/lexical-editor.hbs |  2 +-
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/ghost/admin/app/styles/layouts/editor.css b/ghost/admin/app/styles/layouts/editor.css
index f5db7ba70b5..966bbbd8cc2 100644
--- a/ghost/admin/app/styles/layouts/editor.css
+++ b/ghost/admin/app/styles/layouts/editor.css
@@ -1022,7 +1022,6 @@ body[data-user-is-dragging] .gh-editor-feature-image-dropzone {
     line-height: 34px;
     background: var(--white);
     border-radius: var(--border-radius);
-    margin-left: 8px;
 }
 
 @media (max-width: 500px) {
@@ -1078,6 +1077,7 @@ body[data-user-is-dragging] .gh-editor-feature-image-dropzone {
 .gh-editor-publish-buttons {
     display: flex;
     align-items: center;
+    gap: 8px;
     height: 100%;
     pointer-events: auto;
 }
@@ -1098,15 +1098,7 @@ body[data-user-is-dragging] .gh-editor-feature-image-dropzone {
     border-radius: var(--border-radius);
 }
 
-.gh-editor-save-trigger {
-    margin-right: 8px;
-}
 
-@media (max-width: 500px) {
-    .gh-editor-save-trigger {
-        margin-right: 0;
-    }
-}
 
 .gh-editor-preview-trigger {
     height: 34px;
diff --git a/ghost/admin/app/templates/lexical-editor.hbs b/ghost/admin/app/templates/lexical-editor.hbs
index 5f85a02edc3..fc6dc8be825 100644
--- a/ghost/admin/app/templates/lexical-editor.hbs
+++ b/ghost/admin/app/templates/lexical-editor.hbs
@@ -16,7 +16,7 @@
                     @saveTask={{this.saveTask}}
                     as |publishManagement|
                 >
-                    <div class="flex items-center pe-auto h-100">
+                    <div class="flex items-center pe-auto h-100 gap-2">
                         {{#if this.ui.isFullScreen}}
                             {{#if this.fromAnalytics}}
                                 <a href="#{{this.fromAnalytics}}" class="gh-btn-editor gh-editor-back-button" data-test-breadcrumb>

From bfe1c42f0c9c37ef299320283c2dfb919c4c186d Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 07:58:01 -0700
Subject: [PATCH 12/12] Update ghost/traffic-analytics Docker tag to v1.0.172
 (#27163)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghost/traffic-analytics | patch | `1.0.116` → `1.0.172` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - Only on Sunday and Saturday ( * * * * 0,6 ), Between 12:00
AM and 12:59 PM, only on Monday ( * 0-12 * * 1 ) in timezone Etc/UTC.

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/TryGhost/Ghost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 compose.dev.analytics.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/compose.dev.analytics.yaml b/compose.dev.analytics.yaml
index cdd99bca4fa..3a9b7308803 100644
--- a/compose.dev.analytics.yaml
+++ b/compose.dev.analytics.yaml
@@ -5,7 +5,7 @@
 
 services:
   analytics:
-    image: ghost/traffic-analytics:1.0.116
+    image: ghost/traffic-analytics:1.0.172@sha256:14a736594128b06a0f7222d45e29ce284011f7346b17d2d5f0a7de9aa00cd11a
     container_name: ghost-dev-analytics
     platform: linux/amd64
     command: ["node", "--enable-source-maps", "dist/server.js"]