Skip to content

chore(deps-dev): bump @nestjs/core from 10.4.15 to 11.1.18#20109

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/nestjs/core-11.1.18
Open

chore(deps-dev): bump @nestjs/core from 10.4.15 to 11.1.18#20109
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/nestjs/core-11.1.18

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps @nestjs/core from 10.4.15 to 11.1.18.

Release notes

Sourced from @​nestjs/core's releases.

v11.1.18 (2026-04-03)

Bug fixes

Dependencies

Committers: 6

v11.1.17 (2026-03-16)

Enhancements

Bugs

Dependencies

Committers: 3

... (truncated)

Commits
  • 3c1cc5f chore(release): publish v11.1.18 release
  • 0f962c7 fix(core): sanitize sse message
  • 94aa424 Merge pull request #16679 from nestjs/renovate/path-to-regexp-8.x
  • 368691c fix(core): prevent injector hang when design:paramtypes is missing
  • 25d4fde fix(deps): update dependency path-to-regexp to v8.4.2
  • 5c0b11e fix(deps): update dependency path-to-regexp to v8.4.1
  • f7d4460 Merge pull request #16637 from JakobStaudinger/moduleref-create-transient-sco...
  • d0a9dc9 fix(deps): update dependency path-to-regexp to v8.4.0
  • 4677434 feat(core): export IEntryNestModule type
  • 7493b94 fix(core): dependency injection edge case with moduleref.create
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps-dev): bump @nestjs/core from 10.4.15 to 11.1.18
9b00f54 
Bumps [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) from 10.4.15 to 11.1.18.
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/core)

---
updated-dependencies:
- dependency-name: "@nestjs/core"
  dependency-version: 11.1.18
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 6, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 6, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

Deps

  • Bump lodash.template from 4.5.0 to 4.18.1 by dependabot in #20085
  • Bump @xmldom/xmldom from 0.8.3 to 0.8.12 by dependabot in #20066

Other

  • (core) Support embeddings in langchain by nicohrubec in #20017
  • (core, node) Portable Express integration by isaacs in #19928
  • (deno) Add denoRuntimeMetricsIntegration by chargome in #20023
  • (node, bun) Enforce minimum collection interval in runtime metrics integrations by chargome in #20068

Bug Fixes 🐛

  • (aws-serverless) Add timeout to _endSpan forceFlush to prevent Lambda hanging by logaretm in #20064
  • (cloudflare) Ensure every request instruments functions by JPeer264 in #20044
  • (core) Set span.status to error when MCP tool returns JSON-RPC error response by betegon in #20082
  • (gatsby) Fix errorHandler signature to match bundler-plugin-core API by JPeer264 in #20048

Internal Changes 🔧

Core

  • Do not emit spans for chats.create in google-genai by nicohrubec in #19990
  • Unify .do* span ops to gen_ai.generate_content by nicohrubec in #20074
  • Simplify addResponseAttributes in openai integration by nicohrubec in #20013
  • Extract shared endStreamSpan for AI integrations by nicohrubec in #20021
  • Remove provider-specific AI span attributes in favor of gen_ai attributes in sentry conventions by nicohrubec in #20011

Deps

  • Bump mshick/add-pr-comment from dd126dd8c253650d181ad9538d8b4fa218fc31e8 to e7516d74559b5514092f5b096ed29a629a1237c6 by dependabot in #20078
  • Bump getsentry/craft/.github/workflows/changelog-preview.yml from 2.24.1 to 2.25.2 by dependabot in #20081

Other

  • (deps-dev) Bump @nestjs/core from 10.4.15 to 11.1.18 by dependabot[bot] in #20109
  • (node) Add node integration tests for Vercel ToolLoopAgent by nicohrubec in #20087
  • Update validate-pr workflow by stephanie-anderson in #20072
  • Remove unused tsconfig-template folder by mydea in #20067

🤖 This preview updates automatically when you update the PR.

1 similar comment
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 6, 2026

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

Deps

  • Bump lodash.template from 4.5.0 to 4.18.1 by dependabot in #20085
  • Bump @xmldom/xmldom from 0.8.3 to 0.8.12 by dependabot in #20066

Other

  • (core) Support embeddings in langchain by nicohrubec in #20017
  • (core, node) Portable Express integration by isaacs in #19928
  • (deno) Add denoRuntimeMetricsIntegration by chargome in #20023
  • (node, bun) Enforce minimum collection interval in runtime metrics integrations by chargome in #20068

Bug Fixes 🐛

  • (aws-serverless) Add timeout to _endSpan forceFlush to prevent Lambda hanging by logaretm in #20064
  • (cloudflare) Ensure every request instruments functions by JPeer264 in #20044
  • (core) Set span.status to error when MCP tool returns JSON-RPC error response by betegon in #20082
  • (gatsby) Fix errorHandler signature to match bundler-plugin-core API by JPeer264 in #20048

Internal Changes 🔧

Core

  • Do not emit spans for chats.create in google-genai by nicohrubec in #19990
  • Unify .do* span ops to gen_ai.generate_content by nicohrubec in #20074
  • Simplify addResponseAttributes in openai integration by nicohrubec in #20013
  • Extract shared endStreamSpan for AI integrations by nicohrubec in #20021
  • Remove provider-specific AI span attributes in favor of gen_ai attributes in sentry conventions by nicohrubec in #20011

Deps

  • Bump mshick/add-pr-comment from dd126dd8c253650d181ad9538d8b4fa218fc31e8 to e7516d74559b5514092f5b096ed29a629a1237c6 by dependabot in #20078
  • Bump getsentry/craft/.github/workflows/changelog-preview.yml from 2.24.1 to 2.25.2 by dependabot in #20081

Other

  • (deps-dev) Bump @nestjs/core from 10.4.15 to 11.1.18 by dependabot[bot] in #20109
  • (node) Add node integration tests for Vercel ToolLoopAgent by nicohrubec in #20087
  • Update validate-pr workflow by stephanie-anderson in #20072
  • Remove unused tsconfig-template folder by mydea in #20067

🤖 This preview updates automatically when you update the PR.

cursor[bot]
cursor bot reviewed Apr 6, 2026
View reviewed changes
Copy link
Copy Markdown

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 9b00f54. Configure here.

packages/nestjs/package.json
"devDependencies": {
"@nestjs/common": "^10.0.0",
"@nestjs/core": "^10.0.0",
"@nestjs/core": "^11.1.18",
Copy link
Copy Markdown

@cursor cursor bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mismatched NestJS major versions in devDependencies

High Severity

Updating @nestjs/core to v11 while @nestjs/common remains at v10 in devDependencies creates a version mismatch. NestJS core v11 requires @nestjs/common v11 as a peer dependency, and this discrepancy can cause type incompatibilities, build/test failures, and runtime errors during development and CI.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 9b00f54. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants