Critical & security fixes:
- #15678 Rate limit on login (token endpoint)
- #15735 Empty token in login response
- #15666 Global rate limit fix
Direct security updates:
- Axios updated from 1.13.5 to 1.15.2
- dompurify updated from 3.3.3 to 3.4.1
- uuid updated from 13.0.0 to 14.0.0
- nodemailer updated from 8.0.4 to 8.0.5
Indirect (transient) security updates:
- @xmldom/xmldom updated from 0.8.12 to 0.8.13
- follow-redirects updated from 1.15.11 to 1.16.0
- path-to-regexp updated from 8.3.0 to 8.4.2
- protobufjs updated from 7.5.4 to 7.5.5
- proxy-from-env updated from 1.1.0 to 2.1.0
Full Changelog: 7.260309.0-lts.3...7.260309.0-lts.4