Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@babel/core (source)	7.28.4 -> 7.28.5			devDependencies	patch
@babel/eslint-parser (source)	7.28.4 -> 7.28.5			devDependencies	patch
@babel/preset-env (source)	7.28.3 -> 7.28.5			devDependencies	patch
@eslint/js (source)	9.36.0 -> 9.38.0			devDependencies	minor
@stryker-mutator/core (source)	9.1.1 -> 9.2.0			devDependencies	minor
@stryker-mutator/jest-runner (source)	9.1.1 -> 9.2.0			devDependencies	minor
@types/cookie-parser (source)	1.4.9 -> 1.4.10			dependencies	patch
@types/express (source)	5.0.3 -> 5.0.4			dependencies	patch
@types/node (source)	22.18.6 -> 22.18.12			dependencies	patch
@typescript-eslint/eslint-plugin (source)	8.44.1 -> 8.46.2			devDependencies	minor
@typescript-eslint/parser (source)	8.44.1 -> 8.46.2			devDependencies	minor
applicationinsights	3.10.0 -> 3.12.0			dependencies	minor
azuread (source)	3.5.0 -> 3.6.0			required_provider	minor
azurerm (source)	~> 4.45.0 -> ~> 4.50.0			required_provider	minor
eslint (source)	9.36.0 -> 9.38.0			devDependencies	minor
govuk-frontend (source)	5.12.0 -> 5.13.0			dependencies	minor
hashicorp/terraform	1.13.3 -> 1.13.4				patch
ioredis	5.8.0 -> 5.8.2			dependencies	patch
jest (source)	30.1.3 -> 30.2.0			devDependencies	minor
mocha (source)	11.7.2 -> 11.7.4			devDependencies	patch
node (source)	22.20.0 -> 22.21.0				minor
pa11y	9.0.0 -> 9.0.1			devDependencies	patch
puppeteer (source)	24.22.3 -> 24.26.1			devDependencies	minor
stylelint (source)	16.24.0 -> 16.25.0			devDependencies	minor
ts-jest (source)	29.4.4 -> 29.4.5			devDependencies	patch
typescript (source)	5.9.2 -> 5.9.3			dependencies	patch
typescript-eslint (source)	8.44.1 -> 8.46.2			devDependencies	minor
webdriverio (source)	9.19.2 -> 9.20.0			devDependencies	minor
webpack	5.101.3 -> 5.102.1			devDependencies	minor
winston	3.17.0 -> 3.18.3			dependencies	minor

---

Release Notes

babel/babel (@​babel/core)

v7.28.5

Compare Source

👓 Spec Compliance

• babel-parser
  • #​17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #​17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #​17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #​17521 Improve @babel/parser error typing (@​JLHwung)
  • #​17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #​17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #​17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #​17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #​17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #​17490 Faster finding of locations in buildCodeFrameError (@​liuxingbaoyu)

eslint/eslint (@​eslint/js)

v9.38.0

Compare Source

Features

• ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#​20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#​20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#​20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#​20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#​20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#​20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#​20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#​20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#​20184) (Pixel998)

v9.37.0

Compare Source

Features

• 39f7fb4 feat: preserve-caught-error should recognize all static "cause" keys (#​20163) (Pixel998)
• f81eabc feat: support TS syntax in no-restricted-imports (#​19562) (Nitin Kumar)

Bug Fixes

• a129cce fix: correct no-loss-of-precision false positives for leading zeros (#​20164) (Francesco Trotta)
• 09e04fc fix: add missing AST token types (#​20172) (Pixel998)
• 861c6da fix: correct ESLint typings (#​20122) (Pixel998)

Documentation

• b950359 docs: fix typos across the docs (#​20182) (루밀LuMir)
• 42498a2 docs: improve ToC accessibility by hiding non-semantic character (#​20181) (Percy Ma)
• 29ea092 docs: Update README (GitHub Actions Bot)
• 5c97a04 docs: show availableUntil in deprecated rule banner (#​20170) (Pixel998)
• 90a71bf docs: update README files to add badge and instructions (#​20115) (루밀LuMir)
• 1603ae1 docs: update references from master to main (#​20153) (루밀LuMir)

Chores

• afe8a13 chore: update @eslint/js dependency to version 9.37.0 (#​20183) (Francesco Trotta)
• abee4ca chore: package.json update for @​eslint/js release (Jenkins)
• fc9381f chore: fix typos in comments (#​20175) (overlookmotel)
• e1574a2 chore: unpin jiti (#​20173) (renovate[bot])
• e1ac05e refactor: mark ESLint.findConfigFile() as async, add missing docs (#​20157) (Pixel998)
• 347906d chore: update eslint (#​20149) (renovate[bot])
• 0cb5897 test: remove tmp dir created for circular fixes in multithread mode test (#​20146) (Milos Djermanovic)
• bb99566 ci: pin jiti to version 2.5.1 (#​20151) (Pixel998)
• 177f669 perf: improve worker count calculation for "auto" concurrency (#​20067) (Francesco Trotta)
• 448b57b chore: Mark deprecated formatting rules as available until v11.0.0 (#​20144) (Milos Djermanovic)

stryker-mutator/stryker-js (@​stryker-mutator/core)

v9.2.0

Compare Source

Features

• server: do not overwrite mutate config with params (#​5498) (a1519a6)

9.1.1 (2025-08-30)

Bug Fixes

• server: pass options to server (#​5482) (cfbc11f), closes #​5481

stryker-mutator/stryker-js (@​stryker-mutator/jest-runner)

v9.2.0

Compare Source

Note: Version bump only for package @​stryker-mutator/jest-runner

9.1.1 (2025-08-30)

Note: Version bump only for package @​stryker-mutator/jest-runner

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.46.2

Compare Source

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] skip optional chaining when it could change the result (#​11702)

❤️ Thank You

• mdm317

You can read about our versioning strategy and releases on our website.

v8.46.1

Compare Source

🩹 Fixes

• eslint-plugin: [no-misused-promises] special-case .finally not to report when a promise returning function is provided as an argument (#​11667)
• eslint-plugin: [prefer-optional-chain] include mixed "nullish comparison style" chains in checks (#​11533)

❤️ Thank You

• mdm317
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

v8.46.0

Compare Source

🚀 Features

• eslint-plugin: [no-unsafe-member-access] add allowOptionalChaining option (#​11659)
• rule-schema-to-typescript-types: clean up and make public (#​11633)

🩹 Fixes

• eslint-plugin: [prefer-readonly-parameter-types] ignore tagged primitives (#​11660)
• typescript-estree: forbid abstract method and accessor to have implementation (#​11657)
• eslint-plugin: removed error type previously deprecated (#​11674)
• eslint-plugin: [no-deprecated] ignore deprecated export imports (#​11603)
• eslint-plugin: [unbound-method] improve wording around this: void and binding (#​11634)
• rule-tester: deprecate TestCaseError#type and LintMessage#nodeType (#​11628)
• eslint-plugin: [no-floating-promises] remove excess parentheses in suggestions (#​11487)

❤️ Thank You

• fisker Cheung @​fisker
• Josh Goldberg ✨
• Kirk Waiblinger @​kirkwaiblinger
• Mark de Dios @​peanutenthusiast
• Richard Torres @​richardtorres314
• Victor Genaev @​mainframev

You can read about our versioning strategy and releases on our website.

v8.45.0

Compare Source

🚀 Features

• eslint-plugin: expose rule name via RuleModule interface (#​11616)

🩹 Fixes

• eslint-plugin: [prefer-nullish-coalescing] ignoreBooleanCoercion should not apply to top-level ternary expressions (#​11614)
• eslint-plugin: [no-base-to-string] check if superclass is ignored (#​11617)

❤️ Thank You

• mdm317
• Moses Odutusin @​thebolarin
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.46.2

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.46.1

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.46.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.45.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

microsoft/ApplicationInsights-node.js (applicationinsights)

v3.12.0

Compare Source

Other Changes

• Update OTLP metric creation to respect multiple inputs. (#​1470)
• Fix security vulnerability with json-bigint 0.3.1. (#​1472)

v3.11.0

Compare Source

Other Changes

• Use OTLP/Protobuf exporter for AMW endpoint. (#​1470)

hashicorp/terraform-provider-azuread (azuread)

v3.6.0

Compare Source

ENHANCEMENTS:

• data.azuread_named_location - add support for the object_id property (#​1703)
• azuread_named_location - add support for the object_id property (#​1703)

BUG FIXES:

• data.azuread_users - queries that return multiple users with the same mail nickname no longer causes an error (#​1762)

hashicorp/terraform-provider-azurerm (azurerm)

v4.50.0

Compare Source

FEATURES:

• New Data Source: azurerm_managed_redis (#​30060)
• New Resource: azurerm_managed_redis (#​30060)
• New Resource: azurerm_managed_redis_geo_replication (#​30060)

ENHANCEMENTS:

• dependencies: go-azure-sdk update to v0.20251016.1163854 (#​30883)
• dependencies: oracle - update to API version 2025-09-01 (#​30796)
• Data Source: azurerm_container_app_environment - add support for the public_network_access property (#​30817)
• azurerm_container_app_environment - add support for the public_network_access property (#​30817)
• azurerm_mssql_job_target_group - the job_target.job_credential_id property is no longer required when database_name is not set to allow for authentication using a managed identity (#​30898)
• azurerm_netapp_volume_resource - support for Cross Zone Region replication through the data_protection_replication block (#​30872)
• azurerm_search_service - implement plan time error when local_authentication_enabled = false and authentication_failure_mode is set (#​30882)

BUG FIXES:

• azurerm_mssql_database - allow existing zero or null value for auto_pause_delay_in_minutes and min_capacity of non-serverless database (#​30924)

v4.49.0

FEATURES:

• New Data Source: azurerm_graph_services_account (#​30697)
• New Data Source: azurerm_oracle_exascale_database_storage_vault (#​30043)
• New Resource: azurerm_api_management_workspace_policy_fragment (#​30678)
• New Resource: azurerm_oracle_exascale_database_storage_vault (#​30043)

ENHANCEMENTS:

• Data Source: azurerm_data_protection_backup_vault - add support for the identity.identity_ids property (#​29061)
• azurerm_consumption_budget_management_group - remove the maximum count validation for the notification block (#​29200)
• azurerm_consumption_budget_resource_group - remove the maximum count validation for the notification block (#​29200)
• azurerm_consumption_budget_subscription - remove the maximum count validation for the notification block (#​29200)
• azurerm_data_protection_backup_vault - add support for the identity.identity_ids property (#​29061)
• azurerm_data_protection_backup_vault - add support for UserAssigned and SystemAssigned, UserAssigned values to the identity.type property (#​29061)
• azurerm_monitor_data_collection_rule - improve validation for data_sources.*.name (#​30851)
• azurerm_search_service - support upgrading the sku based on tier (#​30842)
• azurerm_storage_queue - support migrating from storage_account_name to storage_account_id (#​30836)

BUG FIXES:

• azurerm_application_insights - fix an issue that caused tags to be removed when other properties were updated (#​30758)
• azurerm_container_registry - fix the name length validation to allow 50 rather than 49 (#​30858)
• azurerm_function_app_flex_consumption - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_linux_function_app - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_linux_function_app_slot - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_linux_web_app - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_linux_web_app_slot - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_mssql_database - fix validation for min_capacity and auto_pause_delay_in_minutes being set on non-serverless SKUs (#​30856)
• azurerm_signalr_service_custom_certificate - remove unnecessary API requests and checks that could lead to a panic (#​30412)
• azurerm_windows_function_app - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_windows_function_app_slot - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_windows_web_app - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)
• azurerm_windows_web_app_slot - the auth_settings block contents are now set into state when auth_settings.enabled is set to false (#​30781)

v4.48.0

Compare Source

FEATURES:

• New Data Source: azurerm_oracle_autonomous_database_clone_from_backup (#​29633)
• New Data Source: azurerm_oracle_autonomous_database_clone_from_database (#​29633)
• New Resource: azurerm_oracle_autonomous_database_clone_from_backup (#​29633)
• New Resource: azurerm_oracle_autonomous_database_clone_from_database (#​29633)

ENHANCEMENTS:

• dependencies: containerapps - update to API version 2025-07-01 (#​30801)
• dependencies: containerservice - update to API version 2025-07-01 (#​30719)
• dependencies: go-azure-sdk - update to v0.20251007.1195632 (#​30799)
• dependencies: guestconfiguration - update to API version 2024-04-05 (#​30642)
• dependencies: search - update to API version 2025-05-01 (#​30314)
• azurerm_kubernetes_cluster - add support for AzureLinux3 and Ubuntu2204 to the default_node_pool.os_sku property (#​30719)
• azurerm_kubernetes_cluster - add support for the ai_toolchain_operator_enabled property (#​30713)
• azurerm_kubernetes_cluster_node_pool - add support for AzureLinux3 and Ubuntu2204 to the os_sku property (#​30719)
• azurerm_linux_virtual_machine_scale_set - add support for the resilient_vm_creation_enabled and resilient_vm_deletion_enabled properties (#​30204)
• azurerm_network_watcher_flow_log - changing the target_resource_id property no longer forces the resource to be replaced (#​30776)
• azurerm_notification_hub_namespace - add support for replication_region and zone_redundancy_enabled (#​30531)
• azurerm_windows_virtual_machine_scale_set - add support for the resilient_vm_creation_enabled and resilient_vm_deletion_enabled properties (#​30204)

BUG FIXES:

• azurerm_eventhub_namespace - maximum_throughput_units can be set to 0 when auto_inflate_enabled is disabled (#​30777)
• azurerm_log_analytics_workspace - fix the default value for local_authentication_enabled (#​30759)
• azurerm_mssql_database - add validation to ensure that min_capacity and auto_pause_delay_in_minutes can only be set on serverless dbs (#​30790)
• azurerm_mssql_server - the azuread_administrator block now updates in place rather than being deleted/recreated (#​30742)
• azurerm_network_watcher_flow_log - the target_resource_id property is now included in the update request payload resolving an issue where changing it failed to recreate or update the resource (#​30776)
• azurerm_pim_eligible_role_assignment - improve filter used during List requests to prevent timeouts (#​30705)
• azurerm_postgresql_flexible_server_virtual_endpoint - fix read error when in replica set in failover state (#​30789)

v4.47.0

Compare Source

FEATURES:

• New Resource: azurerm_api_management_workspace_policy (#​30547)

ENHANCEMENTS:

• dependencies: go-azure-sdk - update to v0.20250924.1155608 (#​30693)
• azurerm_cognitive_account - add support for value AIServices to kind property (#​30423)
• azurerm_cognitive_account - add the project_management_enabled property (#​30423)
• azurerm_cognitive_account - add the network_injection property (#​30423)
• azurerm_palo_alto_local_rulestack_rule - increase limit for priority to 1000000 (#​30712)
• azurerm_stream_analytics_job - add support for the Msi value in the job_storage_account.authentication_mode property (#​30728)

BUG FIXES:

• azurerm_management_group_policy_remediation - suppress casing difference on policy_definition_reference_id to avoid a perpetual diff as the API doesn't honour casing (#​30736)
• azurerm_resource_group_policy_remediation - suppress casing difference on policy_definition_reference_id to avoid a perpetual diff as the API doesn't honour casing (#​30736)
• azurerm_resource_policy_remediation - suppress casing difference on policy_definition_reference_id to avoid a perpetual diff as the API doesn't honour casing (#​30736)
• azurerm_storage_account - fix error that occurs around queue_properties when not specified (#​30746)
• azurerm_subscription_policy_remediation - suppress casing difference on policy_definition_reference_id to avoid a perpetual diff as the API doesn't honour casing (#​30736)

v4.46.0

Compare Source

ENHANCEMENTS:

• dependencies: frontdoor/webapplicationfirewallpolicies - update to API version 2025-03-01 (#​29742)
• azurerm_cdn_frontdoor_firewall_policy - support for the captcha_cookie_expiration_in_minutes property and the CAPTCHA value in the custom_rule.action property (#​29742)
• azurerm_cdn_frontdoor_security_policy - add update ability (#​30299)
• azurerm_cognitive_account - add support for C2, C3, C4, D3, and S1 to sku_name (#​30655)
• azurerm_flex_function_app - add support for the http_concurrency property ([#​29678](https://redirect

---

Configuration

📅 Schedule: Branch creation - "after 3pm and before 7pm every weekday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[hmcts-jenkins-j-to-z]

Plan Result (aat)

Plan: 0 to add, 1 to change, 0 to destroy.

• Update
  • module.lau-frontend-session-storage.azurerm_redis_cache.redis

Change Result (Click me)

  # module.lau-frontend-session-storage.azurerm_redis_cache.redis will be updated in-place
  ~ resource "azurerm_redis_cache" "redis" {
        id                                 = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/lau-frontend-session-storage-cache-aat/providers/Microsoft.Cache/redis/lau-frontend-session-storage-aat"
        name                               = "lau-frontend-session-storage-aat"
        tags                               = {
            "application"         = "log-and-audit"
            "autoShutdown"        = "true"
            "builtFrom"           = "https://github.com/HMCTS/lau-frontend.git"
            "businessArea"        = "CFT"
            "contactSlackChannel" = "#lau-dev"
            "environment"         = "staging"
            "managedBy"           = "LAU"
        }
        # (24 unchanged attributes hidden)

      ~ redis_configuration {
          ~ maxfragmentationmemory_reserved         = 125 -> 642
          ~ maxmemory_delta                         = 125 -> 642
          ~ maxmemory_reserved                      = 125 -> 642
            # (14 unchanged attributes hidden)
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[hmcts-jenkins-j-to-z]

Plan Result (prod)

No changes. Your infrastructure matches the configuration.