Skip to content

chore(deps): bump multer, @nestjs/core, @nestjs/platform-express, @nestjs/platform-socket.io and @nestjs/websockets in /examples/260-nestjs-websocket-stt#133

Merged
lukeocodes merged 2 commits intomainfrom
dependabot/npm_and_yarn/examples/260-nestjs-websocket-stt/multi-526bf6d8bb
Apr 2, 2026
Merged

chore(deps): bump multer, @nestjs/core, @nestjs/platform-express, @nestjs/platform-socket.io and @nestjs/websockets in /examples/260-nestjs-websocket-stt#133
lukeocodes merged 2 commits intomainfrom
dependabot/npm_and_yarn/examples/260-nestjs-websocket-stt/multi-526bf6d8bb

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026

Bumps multer to 2.1.1 and updates ancestor dependencies multer, @nestjs/core, @nestjs/platform-express, @nestjs/platform-socket.io and @nestjs/websockets. These dependencies need to be updated together.

Updates multer from 2.0.2 to 2.1.1

Release notes

Sourced from multer's releases.

v2.1.1

Important

What's Changed

New Contributors

Full Changelog: expressjs/multer@v2.1.0...v2.1.1

v2.1.0

Important

What's Changed

New Contributors

Full Changelog: expressjs/multer@v2.0.2...v2.1.0

Changelog

Sourced from multer's changelog.

2.1.1

2.1.0

Commits
  • 368c8a1 2.1.1 (#1380)
  • 7e66481 🐛 fix recursion issue
  • 643571e ✅ add explicit test for client able to send body without abrupt disconnect
  • e86fa52 fix error/abort handling
  • ca37779 chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (#1374)
  • 13088f4 chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (#1375)
  • bc6a1d1 chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (#1376)
  • c496e93 chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#1377)
  • fa173d3 chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (#1378)
  • 17d7f51 chore: add node version to 25.x in CI
  • Additional commits viewable in compare view

Updates @nestjs/core from 10.4.22 to 11.1.17

Release notes

Sourced from @​nestjs/core's releases.

v11.1.17 (2026-03-16)

Enhancements

Bugs

Dependencies

Committers: 3

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

v11.1.15

What's Changed

New Contributors

Full Changelog: nestjs/nest@v11.1.14...v11.1.15

v11.1.14 (2026-02-17)

... (truncated)

Commits
  • 447a373 chore(release): publish v11.1.17 release
  • cbdf737 feat(core): auto run get middleware for head requests
  • 315e698 chore(release): publish v11.1.16 release
  • c9268ff Merge pull request #16493 from shahnoormujawar/fix/unknown-dependencies-messa...
  • 6add3d6 chore(release): publish v11.1.15 release
  • e5fc974 fix(core): refine unknown dependencies message token display
  • 5d31df7 chore(release): publish v11.1.14 release
  • 8d1c16c chore: update readme
  • e3a958a chore(release): publish v11.1.13 release
  • db9494a perf(core): use set instead of array for module registry lookup
  • Additional commits viewable in compare view

Updates @nestjs/platform-express from 10.4.22 to 11.1.17

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.1.17 (2026-03-16)

Enhancements

Bugs

Dependencies

Committers: 3

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

v11.1.15

What's Changed

New Contributors

Full Changelog: nestjs/nest@v11.1.14...v11.1.15

v11.1.14 (2026-02-17)

... (truncated)

Commits
  • 447a373 chore(release): publish v11.1.17 release
  • 315e698 chore(release): publish v11.1.16 release
  • 24956b5 fix(deps): update dependency multer to v2.1.1
  • 6add3d6 chore(release): publish v11.1.15 release
  • 1c09faf fix(deps): update dependency multer to v2.1.0 [security]
  • 5d31df7 chore(release): publish v11.1.14 release
  • 8d1c16c chore: update readme
  • e3a958a chore(release): publish v11.1.13 release
  • 58c761a fix(deps): update dependency cors to v2.8.6
  • 96932ad chore(release): publish v11.1.12 release
  • Additional commits viewable in compare view

Updates @nestjs/platform-socket.io from 10.4.22 to 11.1.17

Release notes

Sourced from @​nestjs/platform-socket.io's releases.

v11.1.17 (2026-03-16)

Enhancements

Bugs

Dependencies

Committers: 3

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

v11.1.15

What's Changed

New Contributors

Full Changelog: nestjs/nest@v11.1.14...v11.1.15

v11.1.14 (2026-02-17)

... (truncated)

Commits
  • 447a373 chore(release): publish v11.1.17 release
  • 315e698 chore(release): publish v11.1.16 release
  • 6add3d6 chore(release): publish v11.1.15 release
  • 5d31df7 chore(release): publish v11.1.14 release
  • 8d1c16c chore: update readme
  • e3a958a chore(release): publish v11.1.13 release
  • 96932ad chore(release): publish v11.1.12 release
  • 585f55f chore: revert lerna version
  • fef323b chore(release): publish v11.1.11 release
  • 462d02d fix(deps): update socket.io packages to v4.8.3
  • Additional commits viewable in compare view

Updates @nestjs/websockets from 10.4.22 to 11.1.17

Release notes

Sourced from @​nestjs/websockets's releases.

v11.1.17 (2026-03-16)

Enhancements

Bugs

Dependencies

Committers: 3

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

v11.1.15

What's Changed

New Contributors

Full Changelog: nestjs/nest@v11.1.14...v11.1.15

v11.1.14 (2026-02-17)

... (truncated)

Commits
  • 447a373 chore(release): publish v11.1.17 release
  • 315e698 chore(release): publish v11.1.16 release
  • 6add3d6 chore(release): publish v11.1.15 release
  • 5d31df7 chore(release): publish v11.1.14 release
  • 8d1c16c chore: update readme
  • e3a958a chore(release): publish v11.1.13 release
  • 96932ad chore(release): publish v11.1.12 release
  • 585f55f chore: revert lerna version
  • fef323b chore(release): publish v11.1.11 release
  • de5e026 chore(@​nestjs) publish v11.1.10 release
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump multer, @nestjs/core, @nestjs/platform-express, @ne…
d07932c 
…stjs/platform-socket.io and @nestjs/websockets

Bumps [multer](https://github.com/expressjs/multer) to 2.1.1 and updates ancestor dependencies [multer](https://github.com/expressjs/multer), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/platform-socket.io](https://github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io) and [@nestjs/websockets](https://github.com/nestjs/nest/tree/HEAD/packages/websockets). These dependencies need to be updated together.


Updates `multer` from 2.0.2 to 2.1.1
- [Release notes](https://github.com/expressjs/multer/releases)
- [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md)
- [Commits](expressjs/multer@v2.0.2...v2.1.1)

Updates `@nestjs/core` from 10.4.22 to 11.1.17
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/core)

Updates `@nestjs/platform-express` from 10.4.22 to 11.1.17
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/platform-express)

Updates `@nestjs/platform-socket.io` from 10.4.22 to 11.1.17
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/platform-socket.io)

Updates `@nestjs/websockets` from 10.4.22 to 11.1.17
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/websockets)

---
updated-dependencies:
- dependency-name: multer
  dependency-version: 2.1.1
  dependency-type: indirect
- dependency-name: "@nestjs/core"
  dependency-version: 11.1.17
  dependency-type: direct:production
- dependency-name: "@nestjs/platform-express"
  dependency-version: 11.1.17
  dependency-type: direct:production
- dependency-name: "@nestjs/platform-socket.io"
  dependency-version: 11.1.17
  dependency-type: direct:production
- dependency-name: "@nestjs/websockets"
  dependency-version: 11.1.17
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 2, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 2, 2026

Missing credentials — these Node.js examples need secrets:

  • examples/260-nestjs-websocket-stt

@deepgram/devrel please add the required secrets.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 2, 2026

Code Review

Overall: CHANGES REQUESTED

Tests ran ❌

npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: @nestjs/core@11.1.17
npm error Found: @nestjs/common@10.4.22
npm error node_modules/@nestjs/common
npm error   @nestjs/common@"^10.4.0" from the root project
npm error
npm error Could not resolve dependency:
npm error peer @nestjs/common@"^11.0.0" from @nestjs/core@11.1.17

The project cannot be installed due to a peer dependency conflict. Dependabot bumped @nestjs/core, @nestjs/platform-express, @nestjs/platform-socket.io, and @nestjs/websockets from v10 → v11, but did not bump @nestjs/common which remains at ^10.4.0. All NestJS v11 packages require @nestjs/common@^11.0.0 as a peer dependency.

Integration genuineness

Pass — the underlying example code correctly uses @deepgram/sdk with real live streaming API calls and has proper credential checks.

Code quality

  • @deepgram/sdk version 5.0.0 matches the required JS SDK version ✅
  • tag: 'deepgram-examples' is present ✅
  • No hardcoded credentials ✅
  • Credential check runs first in main.ts and in tests/test.js

Dependency issue (blocking)

@nestjs/common must also be bumped to ^11.0.0 in package.json for this PR to be installable. Without that change, npm install fails outright.

Documentation

N/A — this is a dependency-only PR.

Please address the items above. The fix agent will pick this up.

Review by Lead on 2026-04-02

@github-actions github-actions bot added the status:fix-needed Tests failing — fix agent queued label Apr 2, 2026
@lukeocodes lukeocodes removed the status:fix-needed Tests failing — fix agent queued label Apr 2, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 2, 2026

Code Review

Overall: APPROVED

Tests ran ✅

Building TypeScript...
✓ Audio ready: 829866 bytes of linear16 16 kHz
[Nest] Starting Nest application...
Server listening on http://localhost:3098

✓ Server started on :3098
✓ GET /health → { status: "ok" }

Streaming audio through Socket.IO → Deepgram (up to 30s)...
[deepgram] Connection opened
Deepgram ready — streaming audio...
[interim] Yeah. Is
[final] Yeah. As as much as, it's worth
[interim] celebrating,
[deepgram] Connection closed

✓ Received 4 transcript event(s)
✓ Transcript content verified (4 events, 74 chars)
✓ All tests passed

Integration genuineness

Pass — existing example code uses @deepgram/sdk v5.0.0 with real Deepgram live transcription API calls. Test makes real API calls and receives real transcripts.

Code quality

  • @deepgram/sdk@5.0.0 — matches required SDK version
  • tag: 'deepgram-examples' present in live options
  • ✅ No hardcoded credentials
  • ✅ Credential check runs first (both in main.ts and tests/test.js)
  • ✅ Transcript assertions use event count + character length (not specific words)
  • ✅ Error handling covers connection failures, Deepgram errors, and disconnects
  • ✅ TypeScript compiles cleanly with NestJS v11
  • ⚠️ npm audit reports 5 high-severity vulns in transitive dep path-to-regexp@8.3.0 (ReDoS via GHSA-j3q9-mxjg-w52f, GHSA-27v5-c462-wpq7). This is a NestJS upstream issue — no fix available until NestJS updates their dependency. Acceptable for an example project.

Documentation

N/A — dependency bump only; no docs changes needed.

✓ All checks pass. Build succeeds, tests pass with real Deepgram API. This is a straightforward dependency bump (NestJS 10→11, multer 2.0→2.1 with CVE fixes). Ready for merge.

Review by Lead on 2026-04-02

@github-actions github-actions bot added the status:review-passed Self-review passed label Apr 2, 2026
@lukeocodes lukeocodes merged commit 31f2bcc into main Apr 2, 2026
12 checks passed
@lukeocodes lukeocodes deleted the dependabot/npm_and_yarn/examples/260-nestjs-websocket-stt/multi-526bf6d8bb branch April 2, 2026 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code status:review-passed Self-review passed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lukeocodes