Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#98

Merged
williamzujkowski merged 1 commit into
masterfrom
dependabot/npm_and_yarn/standards/compliance/npm_and_yarn-f97f9bf773
May 22, 2026
Merged

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#98
williamzujkowski merged 1 commit into
masterfrom
dependabot/npm_and_yarn/standards/compliance/npm_and_yarn-f97f9bf773

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 23, 2026
edited
Loading

Bumps the npm_and_yarn group with 2 updates in the /standards/compliance directory: flatted and picomatch.

Updates flatted from 3.3.3 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

Updates picomatch from 2.3.1 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 23, 2026
@dependabot dependabot Bot requested a review from williamzujkowski as a code owner April 23, 2026 00:27
@williamzujkowski
Copy link
Copy Markdown
Owner

williamzujkowski commented May 22, 2026

@dependabot rebase

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 2 up…
a9d2bde 
…dates

Bumps the npm_and_yarn group with 2 updates in the /standards/compliance directory: [flatted](https://github.com/WebReflection/flatted) and [picomatch](https://github.com/micromatch/picomatch).


Updates `flatted` from 3.3.3 to 3.4.2
- [Commits](WebReflection/flatted@v3.3.3...v3.4.2)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/standards/compliance/npm_and_yarn-f97f9bf773 branch from 6f1e1bf to a9d2bde Compare May 22, 2026 04:48
@williamzujkowski williamzujkowski merged commit 0244bff into master May 22, 2026
28 checks passed
@williamzujkowski williamzujkowski deleted the dependabot/npm_and_yarn/standards/compliance/npm_and_yarn-f97f9bf773 branch May 22, 2026 04:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@williamzujkowski williamzujkowski Awaiting requested review from williamzujkowski williamzujkowski is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@williamzujkowski