Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 20 updates#2

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-f23c87a9b1
Open

build(deps): bump the npm_and_yarn group across 1 directory with 20 updates#2
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-f23c87a9b1

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Oct 9, 2025

Bumps the npm_and_yarn group with 14 updates in the / directory:

Package From To
openzeppelin-solidity 2.2.0 4.8.1
axios 1.6.3 1.12.2
base-x 3.0.9 3.0.11
body-parser 1.20.2 1.20.3
express 4.18.2 4.21.2
brace-expansion 1.1.11 1.1.12
braces 3.0.2 3.0.3
cipher-base 1.0.4 1.0.7
cross-spawn 7.0.3 7.0.6
flat 4.1.1 5.0.2
micromatch 4.0.5 4.0.8
pbkdf2 3.1.2 3.1.5
serialize-javascript 6.0.0 6.0.2
undici 5.28.2 5.29.0

Updates openzeppelin-solidity from 2.2.0 to 4.8.1

Release notes

Sourced from openzeppelin-solidity's releases.

v4.8.1

  • ERC4626: Use staticcall instead of call when fetching underlying ERC-20 decimals. (#3943)

v4.8.0

Note Don't miss the section on Breaking changes at the end.

  • TimelockController: Added a new admin constructor parameter that is assigned the admin role instead of the deployer account. (#3722)
  • Initializable: add internal functions _getInitializedVersion and _isInitializing (#3598)
  • ERC165Checker: add supportsERC165InterfaceUnchecked for consulting individual interfaces without the full ERC165 protocol. (#3339)
  • Address: optimize functionCall by calling functionCallWithValue directly. (#3468)
  • Address: optimize functionCall functions by checking contract size only if there is no returned data. (#3469)
  • Governor: make the relay function payable, and add support for EOA payments. (#3730)
  • GovernorCompatibilityBravo: remove unused using statements. (#3506)
  • ERC20: optimize _transfer, _mint and _burn by using unchecked arithmetic when possible. (#3513)
  • ERC20Votes, ERC721Votes: optimize getPastVotes for looking up recent checkpoints. (#3673)
  • ERC20FlashMint: add an internal _flashFee function for overriding. (#3551)
  • ERC4626: use the same decimals() as the underlying asset by default (if available). (#3639)
  • ERC4626: add internal _initialConvertToShares and _initialConvertToAssets functions to customize empty vaults behavior. (#3639)
  • ERC721: optimize transfers by making approval clearing implicit instead of emitting an event. (#3481)
  • ERC721: optimize burn by making approval clearing implicit instead of emitting an event. (#3538)
  • ERC721: Fix balance accounting when a custom _beforeTokenTransfer hook results in a transfer of the token under consideration. (#3611)
  • ERC721: use unchecked arithmetic for balance updates. (#3524)
  • ERC721Consecutive: Implementation of EIP-2309 that allows batch minting of ERC721 tokens during construction. (#3311)
  • ReentrancyGuard: Reduce code size impact of the modifier by using internal functions. (#3515)
  • SafeCast: optimize downcasting of signed integers. (#3565)
  • ECDSA: Remove redundant check on the v value. (#3591)
  • VestingWallet: add releasable getters. (#3580)
  • VestingWallet: remove unused library Math.sol. (#3605)
  • VestingWallet: make constructor payable. (#3665)
  • Create2: optimize address computation by using assembly instead of abi.encodePacked. (#3600)
  • Clones: optimized the assembly to use only the scratch space during deployments, and optimized predictDeterministicAddress to use fewer operations. (#3640)
  • Checkpoints: Use procedural generation to support multiple key/value lengths. (#3589)
  • Checkpoints: Add new lookup mechanisms. (#3589)
  • Arrays: Add unsafeAccess functions that allow reading and writing to an element in a storage array bypassing Solidity's "out-of-bounds" check. (#3589)
  • Strings: optimize toString. (#3573)
  • Ownable2Step: extension of Ownable that makes the ownership transfers a two step process. (#3620)
  • Math and SignedMath: optimize function max by using > instead of >=. (#3679)
  • Math: Add log2, log10 and log256. (#3670)
  • Arbitrum: Update the vendored arbitrum contracts to match the nitro upgrade. (#3692)

Breaking changes

  • ERC721: In order to add support for batch minting via ERC721Consecutive it was necessary to make a minor breaking change in the internal interface of ERC721. Namely, the hooks _beforeTokenTransfer and _afterTokenTransfer have one additional argument that may need to be added to overrides:
 function _beforeTokenTransfer(
     address from,
     address to,
     uint256 tokenId,
</tr></table>

... (truncated)

Changelog

Sourced from openzeppelin-solidity's changelog.

4.8.1 (2023-01-12)

  • ERC4626: Use staticcall instead of call when fetching underlying ERC-20 decimals. (#3943)

4.8.0 (2022-11-08)

  • TimelockController: Added a new admin constructor parameter that is assigned the admin role instead of the deployer account. (#3722)
  • Initializable: add internal functions _getInitializedVersion and _isInitializing (#3598)
  • ERC165Checker: add supportsERC165InterfaceUnchecked for consulting individual interfaces without the full ERC165 protocol. (#3339)
  • Address: optimize functionCall by calling functionCallWithValue directly. (#3468)
  • Address: optimize functionCall functions by checking contract size only if there is no returned data. (#3469)
  • Governor: make the relay function payable, and add support for EOA payments. (#3730)
  • GovernorCompatibilityBravo: remove unused using statements. (#3506)
  • ERC20: optimize _transfer, _mint and _burn by using unchecked arithmetic when possible. (#3513)
  • ERC20Votes, ERC721Votes: optimize getPastVotes for looking up recent checkpoints. (#3673)
  • ERC20FlashMint: add an internal _flashFee function for overriding. (#3551)
  • ERC4626: use the same decimals() as the underlying asset by default (if available). (#3639)
  • ERC4626: add internal _initialConvertToShares and _initialConvertToAssets functions to customize empty vaults behavior. (#3639)
  • ERC721: optimize transfers by making approval clearing implicit instead of emitting an event. (#3481)
  • ERC721: optimize burn by making approval clearing implicit instead of emitting an event. (#3538)
  • ERC721: Fix balance accounting when a custom _beforeTokenTransfer hook results in a transfer of the token under consideration. (#3611)
  • ERC721: use unchecked arithmetic for balance updates. (#3524)
  • ERC721Consecutive: Implementation of EIP-2309 that allows batch minting of ERC721 tokens during construction. (#3311)
  • ReentrancyGuard: Reduce code size impact of the modifier by using internal functions. (#3515)
  • SafeCast: optimize downcasting of signed integers. (#3565)
  • ECDSA: Remove redundant check on the v value. (#3591)
  • VestingWallet: add releasable getters. (#3580)
  • VestingWallet: remove unused library Math.sol. (#3605)
  • VestingWallet: make constructor payable. (#3665)
  • Create2: optimize address computation by using assembly instead of abi.encodePacked. (#3600)
  • Clones: optimized the assembly to use only the scratch space during deployments, and optimized predictDeterministicAddress to use fewer operations. (#3640)
  • Checkpoints: Use procedural generation to support multiple key/value lengths. (#3589)
  • Checkpoints: Add new lookup mechanisms. (#3589)
  • Arrays: Add unsafeAccess functions that allow reading and writing to an element in a storage array bypassing Solidity's "out-of-bounds" check. (#3589)
  • Strings: optimize toString. (#3573)
  • Ownable2Step: extension of Ownable that makes the ownership transfers a two step process. (#3620)
  • Math and SignedMath: optimize function max by using > instead of >=. (#3679)
  • Math: Add log2, log10 and log256. (#3670)
  • Arbitrum: Update the vendored arbitrum contracts to match the nitro upgrade. (#3692)

Breaking changes

  • ERC721: In order to add support for batch minting via ERC721Consecutive it was necessary to make a minor breaking change in the internal interface of ERC721. Namely, the hooks _beforeTokenTransfer and _afterTokenTransfer have one additional argument that may need to be added to overrides:
 function _beforeTokenTransfer(
     address from,
     address to,
     uint256 tokenId,
+    uint256 batchSize
</tr></table>

... (truncated)

Commits

Updates axios from 1.6.3 to 1.12.2

Release notes

Sourced from axios's releases.

Release v1.12.2

Release notes:

Bug Fixes

  • fetch: use current global fetch instead of cached one when env fetch is not specified to keep MSW support; (#7030) (cf78825)

Contributors to this release

Release v1.12.1

Release notes:

Bug Fixes

Contributors to this release

Release v1.12.0

Release notes:

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.2 (2025-09-14)

Bug Fixes

  • fetch: use current global fetch instead of cached one when env fetch is not specified to keep MSW support; (#7030) (cf78825)

Contributors to this release

1.12.1 (2025-09-12)

Bug Fixes

Contributors to this release

1.12.0 (2025-09-11)

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

... (truncated)

Commits

Updates base-x from 3.0.9 to 3.0.11

Commits

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates express from 4.18.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

  • deps: path-to-regexp@0.1.12
    • Fix backtracking protection
  • deps: path-to-regexp@0.1.11
    • Throws an error on invalid path values

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.


Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v1.1.12

  • pkg: publish on tag 1.x c460dbd
  • fmt ccb8ac6
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

Updates braces from 3.0.2 to 3.0.3

Commits

Updates cipher-base from 1.0.4 to 1.0.7

Changelog

Sourced from cipher-base's changelog.

v1.0.7 - 2025-09-24

Commits

  • [Refactor] use to-buffer fd1e5ee
  • [Dev Deps] update @ljharb/eslint-config 08ba803

v1.0.6 - 2024-11-26

Commits

  • [Fix] io.js 3.0 - Node.js 5.3 typed array support b7ddd2a

v1.0.5 - 2024-11-17

Commits

  • [Tests] standard -> eslint, make test dir, etc ae02fd6
  • [Tests] migrate from travis to GHA 66387d7
  • [meta] fix package.json indentation 5c02918
  • [Fix] return valid values on multi-byte-wide TypedArray input 8fd1364
  • [meta] add auto-changelog 88dc806
  • [meta] add npmignore and safe-publish-latest 7a137d7
  • Only apps should have lockfiles 42528f2
  • [Deps] update inherits, safe-buffer 0e7a2d9
  • [meta] add missing engines.node f2dc13e
Commits
  • 0056718 v1.0.7
  • fd1e5ee [Refactor] use to-buffer
  • 08ba803 [Dev Deps] update @ljharb/eslint-config
  • f5249f9 v1.0.6
  • b7ddd2a [Fix] io.js 3.0 - Node.js 5.3 typed array support
  • f03cebf v1.0.5
  • 88dc806 [meta] add auto-changelog
  • 7a137d7 [meta] add npmignore and safe-publish-latest
  • 5c02918 [meta] fix package.json indentation
  • 8fd1364 [Fix] return valid values on multi-byte-wide TypedArray input
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for cipher-base since your current version.


Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

  • update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

  • fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

Commits
  • 77cd97f chore(release): 7.0.6
  • 6717de4 chore: upgrade standard-version
  • f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
  • 9a7e3b2 chore: fix build status badge
  • 0852683 chore(release): 7.0.5
  • 640d391 fix: fix escaping bug introduced by backtracking
  • bff0c87 chore: remove codecov
  • a7c6abc chore: replace travis with github workflows
  • 9b9246e chore(release): 7.0.4
  • 5ff3a07 fix: disable regexp backtracking (#160)
  • Additional commits viewable in compare view

Updates express from 4.18.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

@dependabot
build(deps): bump the npm_and_yarn group across 1 directory with 20 u…
f1d7914 
…pdates

Bumps the npm_and_yarn group with 14 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [openzeppelin-solidity](https://github.com/OpenZeppelin/openzeppelin-contracts) | `2.2.0` | `4.8.1` |
| [axios](https://github.com/axios/axios) | `1.6.3` | `1.12.2` |
| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |
| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.3` |
| [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |
| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |
| [flat](https://github.com/hughsk/flat) | `4.1.1` | `5.0.2` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |
| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |
| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.0` | `6.0.2` |
| [undici](https://github.com/nodejs/undici) | `5.28.2` | `5.29.0` |



Updates `openzeppelin-solidity` from 2.2.0 to 4.8.1
- [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts/releases)
- [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CHANGELOG.md)
- [Commits](OpenZeppelin/openzeppelin-contracts@v2.2.0...v4.8.1)

Updates `axios` from 1.6.3 to 1.12.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.3...v1.12.2)

Updates `base-x` from 3.0.9 to 3.0.11
- [Commits](cryptocoinjs/base-x@v3.0.9...v3.0.11)

Updates `body-parser` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `express` from 4.18.2 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.18.2...4.21.2)

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `cipher-base` from 1.0.4 to 1.0.7
- [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md)
- [Commits](browserify/cipher-base@v1.0.4...v1.0.7)

Updates `cross-spawn` from 7.0.3 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6)

Updates `express` from 4.18.2 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.18.2...4.21.2)

Updates `flat` from 4.1.1 to 5.0.2
- [Release notes](https://github.com/hughsk/flat/releases)
- [Commits](hughsk/flat@4.1.1...5.0.2)

Updates `follow-redirects` from 1.15.3 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.3...v1.15.11)

Updates `micromatch` from 4.0.5 to 4.0.8
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.5...4.0.8)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `nanoid` from 3.1.25 to 3.3.3
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.1.25...3.3.3)

Updates `pbkdf2` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.5)

Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2)

Updates `sha.js` from 2.4.11 to 2.4.12
- [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md)
- [Commits](browserify/sha.js@v2.4.11...v2.4.12)

Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `undici` from 5.28.2 to 5.29.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.28.2...v5.29.0)

---
updated-dependencies:
- dependency-name: openzeppelin-solidity
  dependency-version: 4.8.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.12.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: base-x
  dependency-version: 3.0.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.21.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cipher-base
  dependency-version: 1.0.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 7.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.21.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flat
  dependency-version: 5.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-version: 4.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: pbkdf2
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serialize-javascript
  dependency-version: 6.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: sha.js
  dependency-version: 2.4.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-version: 5.29.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Oct 9, 2025
@dependabot dependabot bot mentioned this pull request Oct 9, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants