deps: bump the helia-deps group across 1 directory with 17 updates

[dependabot]

Bumps the helia-deps group with 12 updates in the / directory:

Package	From	To
@helia/block-brokers	4.2.2	4.2.4
@helia/http	2.1.2	2.2.1
@helia/verified-fetch	3.2.0	3.2.1
@libp2p/dcutr	2.0.37	2.0.38
@libp2p/identify	3.0.38	3.0.39
@libp2p/ping	2.0.36	2.0.37
@libp2p/websockets	9.2.18	9.2.19
@libp2p/webtransport	5.0.50	5.0.51
@multiformats/dns	1.0.6	1.0.9
helia	5.4.2	5.5.1
libp2p	2.9.0	2.10.0
multiformats	13.3.7	13.4.1

Updates @helia/block-brokers from 4.2.2 to 4.2.4

Release notes

Sourced from @​helia/block-brokers's releases.

block-brokers: v4.2.4

4.2.4 (2025-07-31)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/bitswap bumped from ^2.1.3 to ^2.2.0

block-brokers: v4.2.3

4.2.3 (2025-07-22)

Bug Fixes

• trustless gateway returned blocks can be limited (#791) (7a52e95)

Documentation

• fix API docs link (#809) (41bcc88)

Dependencies

• update @​multiformats/multiaddr matcher (#827) (a026690)
• The following workspace dependencies were updated
  • dependencies
    • @​helia/bitswap bumped from ^2.1.2 to ^2.1.3
    • @​helia/interface bumped from ^5.3.2 to ^5.4.0
    • @​helia/utils bumped from ^1.3.2 to ^1.4.0

Commits

• 3a07933 chore: release main (#562)
• 3577d3d fix: update circuit relay server args (#561)
• 2f3beda chore: release main (#545)
• 21ef20c fix: do not depend on external domains in dnslink tests (#547)
• 011fa92 fix: add missing log prefix colon for helia:session-storage (#544)
• See full diff in compare view

Updates @helia/http from 2.1.2 to 2.2.1

Release notes

Sourced from @​helia/http's releases.

http: v2.2.1

2.2.1 (2025-07-31)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/block-brokers bumped from ^4.2.3 to ^4.2.4

http: v2.2.0

2.2.0 (2025-07-22)

Features

• add libp2p to @​helia/http (#826) (235e5c4)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/block-brokers bumped from ^4.2.2 to ^4.2.3
    • @​helia/interface bumped from ^5.3.2 to ^5.4.0
    • @​helia/routers bumped from ^3.1.2 to ^3.1.3
    • @​helia/utils bumped from ^1.3.2 to ^1.4.0

bitswap: v2.2.0

2.2.0 (2025-07-31)

Features

• add block received event (#837) (7d471a0)

bitswap: v2.1.3

2.1.3 (2025-07-22)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/interface bumped from ^5.3.2 to ^5.4.0
    • @​helia/utils bumped from ^1.3.2 to ^1.4.0

Commits

• a0cac72 chore: release main (#838)
• 9f51b17 feat: expose extended option for ls in mfs and unixfs (#836)
• 5a911c6 feat: expose providers option (#834)
• 7d471a0 feat: add block received event (#837)
• 107b900 chore: release main (#808)
• 8df30db docs: fix module name typo in readme (#829)
• a026690 deps: update @​multiformats/multiaddr matcher (#827)
• 235e5c4 feat: add libp2p to @​helia/http (#826)
• 1e9745c docs: add example of adding browser file/dir to unixfs (#817)
• 28a7091 fix: flaky test to publish an IPNS record (#810)
• Additional commits viewable in compare view

Updates @helia/interface from 5.3.2 to 5.4.0

Release notes

Sourced from @​helia/interface's releases.

helia: v5.4.0

5.4.0 (2025-05-13)

Features

• export default helia config (#783) (ae67092)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/block-brokers bumped from ^4.1.0 to ^4.2.0
    • @​helia/interface bumped from ^5.2.1 to ^5.3.0
    • @​helia/routers bumped from ^3.0.1 to ^3.1.0
    • @​helia/utils bumped from ^1.2.2 to ^1.3.0

interface: v5.4.0

5.4.0 (2025-07-22)

Features

• add libp2p to @​helia/http (#826) (235e5c4)

Bug Fixes

• trustless gateway returned blocks can be limited (#791) (7a52e95)

Commits

• 15de32f feat: allow modifying trustless-gateway fetch (#751)
• 375796a fix: align implicit default ttl with specs (#749)
• 45ca6bc docs: add spell checker to ci (#743)
• d602bb2 chore: Update FUNDING.json for Optimism RPF (#746)
• 2c7185c chore: bump codecov/codecov-action from 5.1.2 to 5.3.1 (#726)
• eaf789a chore: bump tinybench from 2.9.0 to 3.1.1 in /benchmarks/add-dir (#729)
• 99bb059 chore: bump tinybench from 2.9.0 to 3.1.1 in /benchmarks/gc (#730)
• ac7185a deps: bump it-length-prefixed from 9.1.1 to 10.0.1 (#740)
• deb9165 feat: add WebRTC-Direct listener (#741)
• fc2b6d4 chore: release main (#735)
• Additional commits viewable in compare view

Updates @helia/routers from 3.1.2 to 3.1.3

Release notes

Sourced from @​helia/routers's releases.

routers: v3.1.3

3.1.3 (2025-07-22)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/interface bumped from ^5.3.2 to ^5.4.0

Commits

• 13daa26 chore: release main (#483)
• 9ea934e fix: improve sessions implementation (#495)
• 9a10498 fix: blockstore operations should throw when passed an aborted signal (#497)
• 5323724 ci: bump codecov/codecov-action from 4.2.0 to 4.3.0 (#496)
• 9c8a2c0 chore: order of releases in changelog (#492)
• b67ac5f fix: wrap blockstore in identity blockstore (#493)
• b1c761d fix: remove wants from wantlist when multiple block retrievers are used (#491)
• 395cd9e fix: cancel in-flight block requests when racing brokers (#490)
• 532d6c4 docs: update root CHANGELOG package links (#489)
• ba4b7ba ci: bump codecov/codecov-action from 4.1.1 to 4.2.0 (#487)
• Additional commits viewable in compare view

Updates @helia/verified-fetch from 3.2.0 to 3.2.1

Release notes

Sourced from @​helia/verified-fetch's releases.

@​helia/verified-fetch-3.2.1

@​helia/verified-fetch-v3.2.1 (2025-09-12)

Tests

• conformance testing more modular, no hangs (#266) (ae6e463)

Commits

• 4ad5e20 chore(release): 3.2.1 [skip ci]
• ae6e463 test: conformance testing more modular, no hangs (#266)
• cd5a103 chore(release): 1.5.0 [skip ci]
• See full diff in compare view

Updates @libp2p/crypto from 5.1.7 to 5.1.8

Release notes

Sourced from @​libp2p/crypto's releases.

crypto: v5.1.8

5.1.8 (2025-08-19)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• Additional commits viewable in compare view

Updates @libp2p/dcutr from 2.0.37 to 2.0.38

Commits

• 2385cf8 chore: release main (#3143)
• ab014c0 fix: make event detail optional (#3144)
• 7788b40 fix: allow setting interval repeatedly (#3141)
• 776cb43 chore: fix linting
• 03ddfa0 chore: release main (#3139)
• aa25d38 chore: tidy up dependabot
• 89a5977 chore: tidy up dependabot
• ce57fab chore: bump @​libp2p/kad-dht from 14.2.15 to 15.1.0 in /packages/integration-t...
• 923ecc6 deps: bump it-queueless-pushable from 1.0.2 to 2.0.1 in /packages/connection-...
• d1ce677 deps: bump sinon from 19.0.5 to 20.0.0 (#3112)
• Additional commits viewable in compare view

Updates @libp2p/identify from 3.0.38 to 3.0.39

Release notes

Sourced from @​libp2p/identify's releases.

identify: v3.0.39

3.0.39 (2025-08-19)

Bug Fixes

• scope logging to connection and stream (#3215) (ce6b542)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/crypto bumped from ^5.1.7 to ^5.1.8
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
    • @​libp2p/interface-internal bumped from ^2.3.18 to ^2.3.19
    • @​libp2p/peer-id bumped from ^5.1.8 to ^5.1.9
    • @​libp2p/peer-record bumped from ^8.0.34 to ^8.0.35
    • @​libp2p/utils bumped from ^6.7.1 to ^6.7.2
  • devDependencies
    • @​libp2p/logger bumped from ^5.1.21 to ^5.2.0

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• Additional commits viewable in compare view

Updates @libp2p/keychain from 5.2.8 to 5.2.9

Release notes

Sourced from @​libp2p/keychain's releases.

keychain: v5.2.9

5.2.9 (2025-08-19)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/crypto bumped from ^5.1.7 to ^5.1.8
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
    • @​libp2p/utils bumped from ^6.7.1 to ^6.7.2
  • devDependencies
    • @​libp2p/logger bumped from ^5.1.21 to ^5.2.0

Commits

• f4035c0 chore: release main (#3045)
• 2f2322a fix: do not expire self multiaddrs (#3053)
• 95909c3 chore: update error name
• a71c7c3 fix: only check for non-wildcard ports (#3050)
• 907518b test: add @​chainsafe/libp2p-quic to interop suite (#3044)
• a7ab9a4 fix: use getThinWaistAddresss function (#3047)
• 757577d feat: add util to get thin waist addresses (#3043)
• 639ff92 chore: release main (#3039)
• 0699fb7 feat: support parsing base32 and base36 libp2p-key CIDs in peerIdFromString (...
• 600d0a5 fix: drain timeout is 30s no 301s (#3041)
• Additional commits viewable in compare view

Updates @libp2p/logger from 5.1.21 to 5.2.0

Release notes

Sourced from @​libp2p/logger's releases.

logger: v5.2.0

5.2.0 (2025-08-19)

Features

• allow creating scoped loggers (#3214) (58abe87)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
  • devDependencies
    • @​libp2p/peer-id bumped from ^5.1.8 to ^5.1.9

Commits

• 8b8ce90 chore: release main (#2343)
• 444d837 fix: perform find peer during dial if peer has no multiaddrs (#2345)
• 53e83ee fix: remove extra deps (#2340)
• d011f61 fix: do not find peer when DHT yields peers without multiaddrs (#2344)
• 528d737 fix: replace p-queue with less restrictive queue (#2339)
• 581574d feat: add tracked list to utils (#2338)
• 388d02b fix: ensure dht query is aborted on early exit (#2341)
• ba70899 chore: fix MockMetrics eslint warning (#2342)
• 6f97261 chore: Update .github/pull_request_template.md [skip ci]
• 598fed0 chore: Update .github/workflows/semantic-pull-request.yml [skip ci]
• Additional commits viewable in compare view

Updates @libp2p/ping from 2.0.36 to 2.0.37

Release notes

Sourced from @​libp2p/ping's releases.

ping: v2.0.37

2.0.37 (2025-08-19)

Bug Fixes

• scope logging to connection and stream (#3215) (ce6b542)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/crypto bumped from ^5.1.7 to ^5.1.8
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
    • @​libp2p/interface-internal bumped from ^2.3.18 to ^2.3.19
  • devDependencies
    • @​libp2p/logger bumped from ^5.1.21 to ^5.2.0
    • @​libp2p/peer-id bumped from ^5.1.8 to ^5.1.9

dcutr: v2.0.37

2.0.37 (2025-07-07)

Dependencies

• update @​multiformats/multiaddr-matcher dep to 2.x.x (#3208) (57e7fa4)

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• Additional commits viewable in compare view

Updates @libp2p/websockets from 9.2.18 to 9.2.19

Release notes

Sourced from @​libp2p/websockets's releases.

websockets: v9.2.19

9.2.19 (2025-08-19)

Bug Fixes

• scope logging to connection and stream (#3215) (ce6b542)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
    • @​libp2p/utils bumped from ^6.7.1 to ^6.7.2
  • devDependencies
    • @​libp2p/logger bumped from ^5.1.21 to ^5.2.0

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• Additional commits viewable in compare view

Updates @libp2p/webtransport from 5.0.50 to 5.0.51

Release notes

Sourced from @​libp2p/webtransport's releases.

webtransport: v5.0.51

5.0.51 (2025-08-19)

Bug Fixes

• scope logging to connection and stream (#3215) (ce6b542)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​libp2p/interface bumped from ^2.10.5 to ^2.11.0
    • @​libp2p/peer-id bumped from ^5.1.8 to ^5.1.9
    • @​libp2p/utils bumped from ^6.7.1 to ^6.7.2
  • devDependencies
    • @​libp2p/crypto bumped from ^5.1.7 to ^5.1.8
    • @​libp2p/logger bumped from ^5.1.21 to ^5.2.0
    • @​libp2p/ping bumped from ^2.0.36 to ^2.0.37
    • libp2p bumped from ^2.9.0 to ^2.10.0

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• See full diff in compare view

Updates @multiformats/dns from 1.0.6 to 1.0.9

Release notes

Sourced from @​multiformats/dns's releases.

v1.0.9

1.0.9 (2025-09-08)

Bug Fixes

• move dns-packet types to dev deps (#16) (6688913)

v1.0.8

1.0.8 (2025-09-08)

Dependencies

• dev: bump sinon from 17.0.2 to 18.0.0 (#8) (2511eab)

v1.0.7

1.0.7 (2025-09-08)

Dependencies

• dev: bump aegir from 42.2.11 to 44.1.1 (#14) (a5dee6f)

Changelog

Sourced from @​multiformats/dns's changelog.

1.0.9 (2025-09-08)

Bug Fixes

• move dns-packet types to dev deps (#16) (6688913)

1.0.8 (2025-09-08)

Dependencies

• dev: bump sinon from 17.0.2 to 18.0.0 (#8) (2511eab)

1.0.7 (2025-09-08)

Dependencies

• dev: bump aegir from 42.2.11 to 44.1.1 (#14) (a5dee6f)

Commits

• 2691bd6 chore(release): 1.0.9 [skip ci]
• 6688913 fix: move dns-packet types to dev deps (#16)
• 9667046 chore(release): 1.0.8 [skip ci]
• 2511eab deps(dev): bump sinon from 17.0.2 to 18.0.0 (#8)
• d0e98c7 chore(release): 1.0.7 [skip ci]
• a5dee6f deps(dev): bump aegir from 42.2.11 to 44.1.1 (#14)
• c963ea1 ci: uci/copy-templates (#15)
• See full diff in compare view

Updates helia from 5.4.2 to 5.5.1

Release notes

Sourced from helia's releases.

helia: v5.5.1

5.5.1 (2025-07-31)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/block-brokers bumped from ^4.2.3 to ^4.2.4

helia: v5.5.0

5.5.0 (2025-07-22)

Features

• add libp2p to @​helia/http (#826) (235e5c4)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​helia/block-brokers bumped from ^4.2.2 to ^4.2.3
    • @​helia/interface bumped from ^5.3.2 to ^5.4.0
    • @​helia/routers bumped from ^3.1.2 to ^3.1.3
    • @​helia/utils bumped from ^1.3.2 to ^1.4.0

Commits

• a0cac72 chore: release main (#838)
• 9f51b17 feat: expose extended option for ls in mfs and unixfs (#836)
• 5a911c6 feat: expose providers option (#834)
• 7d471a0 feat: add block received event (#837)
• 107b900 chore: release main (#808)
• 8df30db docs: fix module name typo in readme (#829)
• a026690 deps: update @​multiformats/multiaddr matcher (#827)
• 235e5c4 feat: add libp2p to @​helia/http (#826)
• 1e9745c docs: add example of adding browser file/dir to unixfs (#817)
• 28a7091 fix: flaky test to publish an IPNS record (#810)
• Additional commits viewable in compare view

Updates libp2p from 2.9.0 to 2.10.0

Commits

• f90fb1f chore: release main (#3217)
• 5ed83dd chore: bump actions/checkout from 4 to 5 (#3245)
• aa770ab fix: avoid wasteful reprovides outside threshold (#3238)
• 7ce083d test: add connection gater integration tests (#3242)
• cf9aab5 fix: silence max listeners warning for dht routing table (#3233)
• cb1c14e feat: allow async stream handlers (#3212)
• 4420fad fix: use failure event instead of error (#3219)
• 79473c9 chore: pass correct log
• ce6b542 fix: scope logging to connection and stream (#3215)
• 58abe87 feat: allow creating scoped loggers (#3214)
• See full diff in compare view

Updates multiformats from 13.3.7 to 13.4.1

Release notes

Sourced from multiformats's releases.

v13.4.1

13.4.1 (2025-09-15)

Dependencies

• dev: bump crypto-hash from 3.1.0 to 4.0.0 (#332) (bbc711a)

v13.4.0

13.4.0 (2025-08-05)

Features

• support truncating digests (#329) (e4d3a22), closes #328

Changelog

Sourced from multiformats's changelog.

13.4.1 (2025-09-15)

Dependencies

• dev: bump crypto-hash from 3.1.0 to 4.0.0 (#332) (bbc711a)

13.4.0 (2025-08-05)

Features

• support truncating digests (#329) (e4d3a22), closes #328

Commits

• 1b4d452 chore(release): 13.4.1 [skip ci]
• bbc711a deps(dev): bump crypto-hash from 3.1.0 to 4.0.0 (#332)
• 2e31a2f chore(release): 13.4.0 [skip ci]
• e4d3a22 feat: support truncating digests (#329)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[SgtPooki]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.