From 73ca3473aac85250a23535c4d281e6ce5c5df0de Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 25 Jun 2026 09:31:55 +0200
Subject: [PATCH 1/2] chore(deps): update actions/cache action to v6 (#3781)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/cache](https://redirect.github.com/actions/cache) | action |
major | `v5` → `v6` |

---

### Release Notes

<details>
<summary>actions/cache (actions/cache)</summary>

###
[`v6.0.0`](https://redirect.github.com/actions/cache/releases/tag/v6.0.0)

[Compare
Source](https://redirect.github.com/actions/cache/compare/v6.0.0...v6.0.0)

#### What's Changed

- Update packages, migrate to ESM by
[@&#8203;Samirat](https://redirect.github.com/Samirat) in
[#&#8203;1760](https://redirect.github.com/actions/cache/pull/1760)

**Full Changelog**:
<https://github.com/actions/cache/compare/v5...v6.0.0>

###
[`v6`](https://redirect.github.com/actions/cache/compare/v5.0.5...v6.0.0)

[Compare
Source](https://redirect.github.com/actions/cache/compare/v5.0.5...v6.0.0)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - "every weekday"
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/apify/crawlee).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMzUuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/publish-to-npm.yml |  2 +-
 .github/workflows/release.yml        |  6 +++---
 .github/workflows/test-ci.yml        | 10 +++++-----
 .github/workflows/test-e2e.yml       |  4 ++--
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/publish-to-npm.yml b/.github/workflows/publish-to-npm.yml
index e94b20b58df0..a2ed49959f18 100644
--- a/.github/workflows/publish-to-npm.yml
+++ b/.github/workflows/publish-to-npm.yml
@@ -61,7 +61,7 @@ jobs:
 
             - name: Turbo cache
               id: turbo-cache
-              uses: actions/cache@v5
+              uses: actions/cache@v6
               with:
                   path: .turbo
                   key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index cdbc9e639cc4..aa7b3d614f02 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -63,7 +63,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
@@ -74,7 +74,7 @@ jobs:
                 run: yarn
 
             -   name: Cache Playwright browsers
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: ~/.cache/ms-playwright
                     key: playwright-${{ runner.os }}-${{ hashFiles('**/yarn.lock') }}
@@ -122,7 +122,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
diff --git a/.github/workflows/test-ci.yml b/.github/workflows/test-ci.yml
index a644bbaf4d23..c61ec7304ea2 100644
--- a/.github/workflows/test-ci.yml
+++ b/.github/workflows/test-ci.yml
@@ -51,7 +51,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ matrix.node-version }}-${{ github.ref_name }}-${{ github.sha }}
@@ -64,7 +64,7 @@ jobs:
                     YARN_IGNORE_NODE: 1
 
             -   name: Cache Playwright browsers
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: ~/.cache/ms-playwright
                     key: playwright-${{ runner.os }}-${{ hashFiles('**/yarn.lock') }}
@@ -126,7 +126,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
@@ -268,7 +268,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
@@ -315,7 +315,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml
index 44a6215bab7f..1cccfccbfce2 100644
--- a/.github/workflows/test-e2e.yml
+++ b/.github/workflows/test-e2e.yml
@@ -46,7 +46,7 @@ jobs:
 
             -   name: Turbo cache
                 id: turbo-cache
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: .turbo
                     key: turbo-${{ github.job }}-${{ github.ref_name }}-${{ github.sha }}
@@ -68,7 +68,7 @@ jobs:
 
             -   name: Cache Playwright browsers
                 if: (matrix.storage != 'PLATFORM')
-                uses: actions/cache@v5
+                uses: actions/cache@v6
                 with:
                     path: ~/.cache/ms-playwright
                     key: playwright-${{ runner.os }}-${{ hashFiles('**/yarn.lock') }}

From 6a9eab7b588615e156681004b4772778b641a2a7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 25 Jun 2026 10:38:03 +0200
Subject: [PATCH 2/2] chore(deps): bump http-proxy-middleware from 2.0.9 to
 2.0.10 in /website (#3778)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware)
from 2.0.9 to 2.0.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/releases">http-proxy-middleware's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.10-beta.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: harden proxy-table matching to prevent routing bypass by <a
href="https://github.com/G-Rath"><code>@​G-Rath</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1268">chimurai/http-proxy-middleware#1268</a></li>
<li>ci(github-actions): update publish.yml by <a
href="https://github.com/chimurai"><code>@​chimurai</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1270">chimurai/http-proxy-middleware#1270</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/G-Rath"><code>@​G-Rath</code></a> made
their first contribution in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1268">chimurai/http-proxy-middleware#1268</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v2.0.9...v2.0.10-beta.0">https://github.com/chimurai/http-proxy-middleware/compare/v2.0.9...v2.0.10-beta.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/blob/v2.0.10/CHANGELOG.md">http-proxy-middleware's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/chimurai/http-proxy-middleware/releases/tag/v2.0.10">v2.0.10</a></h2>
<ul>
<li>fix(router): harden proxy-table matching (exact host for host+path
keys, prefix-only path matching) to prevent routing bypass</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/f0be839066ba14f2598c6c1aef10ff54b020babb"><code>f0be839</code></a>
chore(package.json): v2.0.10 (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1271">#1271</a>)</li>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/19c860de9854988351c4c9bf5fe79687942e1833"><code>19c860d</code></a>
ci(github-actions): update publish.yml (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1270">#1270</a>)</li>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/d0f7d6368ac9cf7dac5638c466d820370a4ae98f"><code>d0f7d63</code></a>
fix: harden proxy-table matching to prevent routing bypass (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1268">#1268</a>)</li>
<li>See full diff in <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v2.0.9...v2.0.10">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for http-proxy-middleware since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=http-proxy-middleware&package-manager=npm_and_yarn&previous-version=2.0.9&new-version=2.0.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/apify/crawlee/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 website/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/yarn.lock b/website/yarn.lock
index 542e3a199984..40cdae7530ba 100644
--- a/website/yarn.lock
+++ b/website/yarn.lock
@@ -10662,8 +10662,8 @@ __metadata:
   linkType: hard
 
 "http-proxy-middleware@npm:^2.0.9":
-  version: 2.0.9
-  resolution: "http-proxy-middleware@npm:2.0.9"
+  version: 2.0.10
+  resolution: "http-proxy-middleware@npm:2.0.10"
   dependencies:
     "@types/http-proxy": "npm:^1.17.8"
     http-proxy: "npm:^1.18.1"
@@ -10675,7 +10675,7 @@ __metadata:
   peerDependenciesMeta:
     "@types/express":
       optional: true
-  checksum: 10c0/8e9032af625f7c9f2f0d318f6cdb14eb725cc16ffe7b4ccccea25cf591fa819bb7c3bb579e0b543e0ae9c73059b505a6d728290c757bff27bae526a6ed11c05e
+  checksum: 10c0/363cd25fbac18f851af93cea34ac7068656413c9af5af12d3b2a127adc70623d2c0d6e9e12037bbac5a4744b762fd9f89fb16e16c29ad06af2b17766890c1b26
   languageName: node
   linkType: hard