build(deps): Bump the npm_and_yarn group across 2 directories with 12 updates by dependabot[bot] · Pull Request #11 · nodepa/seedlingo-en

dependabot · 2026-02-26T11:17:14Z

Bumps the npm_and_yarn group with 10 updates in the /app directory:

Package	From	To
happy-dom	`17.4.4`	`20.7.0`
vite	`6.2.4`	`6.4.1`
form-data	`4.0.2`	`4.0.5`
glob	`11.0.1`	`11.1.0`
glob	`10.4.5`	`10.5.0`
js-yaml	`4.1.0`	`4.1.1`
lodash	`4.17.21`	`4.17.23`
qs	`6.14.0`	`6.14.2`
rollup	`4.38.0`	`4.59.0`
rollup	`2.79.2`	`2.80.0`
tar	`6.2.1`	`7.5.9`
tmp	`0.2.3`	`0.2.5`

Bumps the npm_and_yarn group with 5 updates in the /docs directory:

Package	From	To
vite	`5.4.8`	`5.4.21`
js-yaml	`3.14.1`	`3.14.2`
rollup	`4.24.0`	`4.59.0`
prismjs	`1.29.0`	`1.30.0`
undici	`6.20.1`	`6.23.0`

Updates happy-dom from 17.4.4 to 20.7.0

Release notes

Sourced from happy-dom's releases.

v20.7.0

🎨 Features

Adds support for Window.getScreenDetails() - By @TrevorBurnham in task #1923

Extends Screen from EventTarget - By @TrevorBurnham in task #1923

v20.6.5

👷‍♂️ Patch fixes

Add clearImmediate to Jest environment global scope - By @TrevorBurnham in task #1927

v20.6.4

👷‍♂️ Patch fixes

Normalize invalid input type attribute to "text" per HTML spec - By @atzzCokeK in task #2053

v20.6.3

👷‍♂️ Patch fixes

Refactors query selector parser to be able to handle complex rules - By @capricorn86 in task #1910

Fixes issue related to using query selector for attribute in XML document - By @capricorn86 in task #1912

Fixes issue with using quotes within quotes for attribute query selector (e.g. [data-value="it's a test"]) - By @capricorn86 in task #2034

v20.6.2

👷‍♂️ Patch fixes

Update entities package version to resolve missing export for vue and vue-compat v3.5 - By @acollins1991 in task #2066

v20.6.1

👷‍♂️ Patch fixes

Support CSS gradients with rgba() - By @atzzCokeK in task #2042

Support unicode characters in selectors per CSS spec - By @kaigritun in task #2057

v20.6.0

🎨 Features

Adds support for register on import to the @happy-dom/global-registrator package - By @capricorn86 in task #2060

v20.5.5

👷‍♂️ Patch fixes

Correct caption element content model to allow flow content - By @atzzCokeK in task #2052

v20.5.4

👷‍♂️ Patch fixes

Implement Text.wholeText property - By @aki05162525 in task #1959

v20.5.3

👷‍♂️ Patch fixes

Node.replaceWith does not throw w/o parent - By @lukeed

v20.5.2

👷‍♂️ Patch fixes

Use entities package for HTML/XML encoding and decoding - By @TrevorBurnham in task #1947

v20.5.1

👷‍♂️ Patch fixes

... (truncated)

Commits

4e0d1e3 feat: #1923 Adds support for getScreenDetails() (#2041)
78a2ff4 chore: #1867 Add regression test for TreeWalker sibling traversal (#2026)
46bab67 fix: #1927 Add clearImmediate to Jest environment global scope (#2029)
ee81583 fix: #2053 Normalize invalid input type attribute to "text" per HTML spec (...
e6a64da fix: #1910 Fixes issue when parsing complex query selector with has express...
b869287 fix: #2066 Update entities package version to resolve missing export for vu...
f8d8cad fix: #2042 Support CSS gradients with rgba() colors (#2059)
d0fdf23 fix: #2057 Support Unicode characters in selectors per CSS spec (#2062)
48e675f feat: #2060 Adds support for register on import in global-registrator (#2061)
fbef5d9 fix: #2052 Correct caption element content model to allow flow content (#2058)
Additional commits viewable in compare view

Updates vite from 6.2.4 to 6.4.1

Release notes

Sourced from vite's releases.

create-vite@6.4.1

Please refer to CHANGELOG.md for details.

v6.4.1

Please refer to CHANGELOG.md for details.

v6.4.0

Please refer to CHANGELOG.md for details.

v6.3.7

Please refer to CHANGELOG.md for details.

v6.3.6

Please refer to CHANGELOG.md for details.

v6.3.5

Please refer to CHANGELOG.md for details.

v6.3.4

Please refer to CHANGELOG.md for details.

v6.3.3

Please refer to CHANGELOG.md for details.

v6.3.2

Please refer to CHANGELOG.md for details.

v6.3.1

Please refer to CHANGELOG.md for details.

v6.2.7

Please refer to CHANGELOG.md for details.

Commits

a7349ef release: v6.3.1
a152b7c fix: backward compat for internal plugin transform calls (#19878)
35c7f35 fix: avoid using Promise.allSettled in preload function (#19805)
5fdcfe7 release: v6.3.0
d4ee5e8 fix(hmr): avoid infinite loop happening with hot.invalidate in circular dep...
5003434 fix(preview): use host url to open browser (#19836)
bf9728e release: v6.3.0-beta.2
380c10e fix(hmr): run HMR handler sequentially (#19793)
8bed1de fix: addWatchFile doesn't work if base is specified (fixes #19792) (#19794)
0a0c50a refactor: simplify pluginFilter implementation (#19828)
Additional commits viewable in compare view

Updates form-data from 4.0.2 to 4.0.5

Release notes

Sourced from form-data's releases.

v4.0.4

v4.0.4 - 2025-07-16

Commits

[meta] add auto-changelog 811f682

[Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76

[Fix] Switch to using crypto random for boundary values 3d17230

[Tests] fix linting errors 5e34080

[meta] actually ensure the readme backup isn’t published 316c82b

[Dev Deps] update @ljharb/eslint-config 58c25d7

[meta] fix readme capitalization 2300ca1

v4.0.3

v4.0.3 - 2025-06-05

Fixed

[Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

[eslint] use a shared config 426ba9a

[eslint] fix some spacing issues 2094191

[Refactor] use hasown 81ab41b

[Fix] validate boundary type in setBoundary() method 8d8e469

[Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1

[Dev Deps] remove unused deps 870e4e6

[meta] remove local commit hooks e6e83cc

[Dev Deps] update eslint 4066fd6

[meta] fix scripts to use prepublishOnly c4bbb13

Changelog

Sourced from form-data's changelog.

v4.0.5 - 2025-11-17

Commits

[Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076

[Dev Deps] update @ljharb/eslint-config, eslint 5822467

[Fix] set Symbol.toStringTag in the proper place 76d0dee

v4.0.4 - 2025-07-16

Commits

[meta] add auto-changelog 811f682

[Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76

[Fix] Switch to using crypto random for boundary values 3d17230

[Tests] fix linting errors 5e34080

[meta] actually ensure the readme backup isn’t published 316c82b

[Dev Deps] update @ljharb/eslint-config 58c25d7

[meta] fix readme capitalization 2300ca1

v4.0.3 - 2025-06-05

Fixed

[Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

[eslint] use a shared config 426ba9a

[eslint] fix some spacing issues 2094191

[Refactor] use hasown 81ab41b

[Fix] validate boundary type in setBoundary() method 8d8e469

[Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1

[Dev Deps] remove unused deps 870e4e6

[meta] remove local commit hooks e6e83cc

[Dev Deps] update eslint 4066fd6

[meta] fix scripts to use prepublishOnly c4bbb13

Commits

68ff7dd v4.0.5
5822467 [Dev Deps] update @ljharb/eslint-config, eslint
76d0dee [Fix] set Symbol.toStringTag in the proper place
16e0076 [Tests] Switch to newer v8 prediction library; enable node 24 testing
41996f5 v4.0.4
316c82b [meta] actually ensure the readme backup isn’t published
2300ca1 [meta] fix readme capitalization
811f682 [meta] add auto-changelog
5e34080 [Tests] fix linting errors
1d11a76 [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
Additional commits viewable in compare view

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates glob from 11.0.1 to 11.1.0

Changelog

Sourced from glob's changelog.

changeglob

13

Move the CLI program out to a separate package, glob-bin. Install that if you'd like to continue using glob from the command line.

12

Remove the unsafe --shell option. The --shell option is now ONLY supported on known shells where the behavior can be implemented safely.

11.1

GHSA-5j98-mcp5-4vw2

Add the --shell option for the command line, with a warning that this is unsafe. (It will be removed in v12.)

Add the --cmd-arg/-g as a way to safely add positional arguments to the command provided to the CLI tool.

Detect commands with space or quote characters on known shells, and pass positional arguments to them safely, avoiding shell:true execution.

11.0

Drop support for node before v20

10.4

Add includeChildMatches: false option

Export the Ignore class

10.3

Add --default -p flag to provide a default pattern

exclude symbolic links to directories when follow and nodir are both set

10.2

Add glob cli

10.1

Return '.' instead of the empty string '' when the current working directory is returned as a match.

Add posix: true option to return / delimited paths, even on

... (truncated)

Commits

2551fb5 11.1.0
47473c0 bin: Do not expose filenames to shell expansion
bc33fe1 skip tilde test on systems that lack tilde expansion
59bf9ca fix notes
dde4fa6 docs(README): add #anchor and improve notes
0559b0e docs: add better links to path-scurry docs
c9773c2 fix: correct typos in README.md
13e68ea Fix punctuation in traversal function documentation
1527e2b fix repo url
7e190e8 fix typo maths → paths
Additional commits viewable in compare view

Updates glob from 10.4.5 to 10.5.0

Changelog

Sourced from glob's changelog.

changeglob

13

Move the CLI program out to a separate package, glob-bin. Install that if you'd like to continue using glob from the command line.

12

Remove the unsafe --shell option. The --shell option is now ONLY supported on known shells where the behavior can be implemented safely.

11.1

GHSA-5j98-mcp5-4vw2

Add the --shell option for the command line, with a warning that this is unsafe. (It will be removed in v12.)

Add the --cmd-arg/-g as a way to safely add positional arguments to the command provided to the CLI tool.

Detect commands with space or quote characters on known shells, and pass positional arguments to them safely, avoiding shell:true execution.

11.0

Drop support for node before v20

10.4

Add includeChildMatches: false option

Export the Ignore class

10.3

Add --default -p flag to provide a default pattern

exclude symbolic links to directories when follow and nodir are both set

10.2

Add glob cli

10.1

Return '.' instead of the empty string '' when the current working directory is returned as a match.

Add posix: true option to return / delimited paths, even on

... (truncated)

Commits

2551fb5 11.1.0
47473c0 bin: Do not expose filenames to shell expansion
bc33fe1 skip tilde test on systems that lack tilde expansion
59bf9ca fix notes
dde4fa6 docs(README): add #anchor and improve notes
0559b0e docs: add better links to path-scurry docs
c9773c2 fix: correct typos in README.md
13e68ea Fix punctuation in traversal function documentation
1527e2b fix repo url
7e190e8 fix typo maths → paths
Additional commits viewable in compare view

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

Fix prototype pollution issue in yaml merge (<<) operator.

Commits

cc482e7 4.1.1 released
50968b8 dist rebuild
d092d86 lint fix
383665f fix prototype pollution in merge (<<)
0d3ca7a README.md: HTTP => HTTPS (#678)
49baadd doc: 'empty' style option for !!null
ba3460e Fix demo link (#618)
See full diff in compare view

Updates lodash from 4.17.21 to 4.17.23

Commits

dec55b7 Bump main to v4.17.23 (#6088)
19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
edadd45 Prevent prototype pollution on baseUnset function
4879a7a doc: fix autoLink function, conversion of source links (#6056)
9648f69 chore: remove yarn.lock file (#6053)
dfa407d ci: remove legacy configuration files (#6052)
156e196 feat: add renovate setup (#6039)
933e106 ci: add pipeline for Bun (#6023)
072a807 docs: update links related to Open JS Foundation (#5968)
Additional commits viewable in compare view

Updates qs from 6.14.0 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

[Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)

[Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue

[Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)

[Fix] parse: enforce arrayLimit on comma-parsed values

[Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)

[Robustness] avoid .push, use void

[readme] document that addQueryPrefix does not add ? to empty output (#418)

[readme] clarify parseArrays and arrayLimit documentation (#543)

[readme] replace runkit CI badge with shields.io check-runs badge

[meta] fix changelog typo (arrayLength → arrayLimit)

[actions] fix rebase workflow permissions

6.14.1

[Fix] ensure arrayLimit applies to [] notation as well

[Fix] parse: when a custom decoder returns null for a key, ignore that key

[Refactor] parse: extract key segment splitting helper

[meta] add threat model

[actions] add workflow permissions

[Tests] stringify: increase coverage

[Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

Commits

bdcf0c7 v6.14.2
294db90 [readme] document that addQueryPrefix does not add ? to empty output
5c308e5 [readme] clarify parseArrays and arrayLimit documentation
6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
1b9a8b4 [actions] fix rebase workflow permissions
2a35775 [meta] fix changelog typo (arrayLength → arrayLimit)
Additional commits viewable in compare view

Updates rollup from 4.38.0 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

#6252: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6253: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6254: Fully include dynamic imports in a try-catch (@lukastaegert)

... (truncated)

Commits

ae84695 4.59.0
b39616e Update audit-resolve
c60770d Validate bundle stays within output dir (#6275)
33f39c1 4.58.0
b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
7f00689 Extend agent instructions
e7b2b85 chore(deps): lock file maintenance (#6270)
2aa5da9 fix(deps): update minor/patch updates (#6267)
4319837 chore(deps): update dependency lru-cache to v11 (#6269)
c3b6b4b chore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for rollup since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates rollup from 2.79.2 to 2.80.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

#6252: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6253: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6254: Fully include dynamic imports in a try-catch (@lukastaegert)

... (truncated)

Commits

ae84695 4.59.0
b39616e Update audit-resolve
c60770d Validate bundle stays within output dir (#6275)
33f39c1 4.58.0
b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
7f00689 Extend agent instructions
e7b2b85 chore(deps): lock file maintenance (#6270)

… updates Bumps the npm_and_yarn group with 10 updates in the /app directory: | Package | From | To | | --- | --- | --- | | [happy-dom](https://github.com/capricorn86/happy-dom) | `17.4.4` | `20.7.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.2.4` | `6.4.1` | | [form-data](https://github.com/form-data/form-data) | `4.0.2` | `4.0.5` | | [glob](https://github.com/isaacs/node-glob) | `11.0.1` | `11.1.0` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.14.2` | | [rollup](https://github.com/rollup/rollup) | `4.38.0` | `4.59.0` | | [rollup](https://github.com/rollup/rollup) | `2.79.2` | `2.80.0` | | [tar](https://github.com/isaacs/node-tar) | `6.2.1` | `7.5.9` | | [tmp](https://github.com/raszi/node-tmp) | `0.2.3` | `0.2.5` | Bumps the npm_and_yarn group with 5 updates in the /docs directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.8` | `5.4.21` | | [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` | | [rollup](https://github.com/rollup/rollup) | `4.24.0` | `4.59.0` | | [prismjs](https://github.com/PrismJS/prism) | `1.29.0` | `1.30.0` | | [undici](https://github.com/nodejs/undici) | `6.20.1` | `6.23.0` | Updates `happy-dom` from 17.4.4 to 20.7.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.4.4...v20.7.0) Updates `vite` from 6.2.4 to 6.4.1 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@6.4.1/packages/vite) Updates `form-data` from 4.0.2 to 4.0.5 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.2...v4.0.5) Updates `glob` from 11.0.1 to 11.1.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v11.0.1...v11.1.0) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v11.0.1...v11.1.0) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `qs` from 6.14.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.0...v6.14.2) Updates `rollup` from 4.38.0 to 4.59.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.38.0...v4.59.0) Updates `rollup` from 2.79.2 to 2.80.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.38.0...v4.59.0) Updates `tar` from 6.2.1 to 7.5.9 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.2.1...v7.5.9) Updates `tmp` from 0.2.3 to 0.2.5 - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](raszi/node-tmp@v0.2.3...v0.2.5) Updates `vite` from 5.4.8 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@6.4.1/packages/vite) Updates `js-yaml` from 3.14.1 to 3.14.2 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `rollup` from 4.24.0 to 4.59.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.38.0...v4.59.0) Updates `prismjs` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/v2/CHANGELOG.md) - [Commits](PrismJS/prism@v1.29.0...v1.30.0) Updates `undici` from 6.20.1 to 6.23.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.20.1...v6.23.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.7.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 6.4.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: form-data dependency-version: 4.0.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 11.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.59.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 2.80.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 7.5.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmp dependency-version: 0.2.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.59.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: prismjs dependency-version: 1.30.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-version: 6.23.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

aws-amplify-ap-southeast-1 · 2026-02-26T11:21:31Z

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-11.d33wffx3pk6nfv.amplifyapp.com

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 26, 2026

dependabot Bot mentioned this pull request Feb 26, 2026

build(deps): Bump the npm_and_yarn group across 1 directory with 3 updates #10

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): Bump the npm_and_yarn group across 2 directories with 12 updates#11

build(deps): Bump the npm_and_yarn group across 2 directories with 12 updates#11
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/app/npm_and_yarn-4fe05f48f4

dependabot Bot commented on behalf of github Feb 26, 2026

Uh oh!

aws-amplify-ap-southeast-1 Bot commented Feb 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Feb 26, 2026

v20.7.0

🎨 Features

v20.6.5

👷‍♂️ Patch fixes

v20.6.4

👷‍♂️ Patch fixes

v20.6.3

👷‍♂️ Patch fixes

v20.6.2

👷‍♂️ Patch fixes

v20.6.1

👷‍♂️ Patch fixes

v20.6.0

🎨 Features

v20.5.5

👷‍♂️ Patch fixes

v20.5.4

👷‍♂️ Patch fixes

v20.5.3

👷‍♂️ Patch fixes

v20.5.2

👷‍♂️ Patch fixes

v20.5.1

👷‍♂️ Patch fixes

create-vite@6.4.1

v6.4.1

v6.4.0

v6.3.7

v6.3.6

v6.3.5

v6.3.4

v6.3.3

v6.3.2

v6.3.1

v6.2.7

v4.0.4

v4.0.4 - 2025-07-16

Commits

v4.0.3

v4.0.3 - 2025-06-05

Fixed

Commits

v4.0.5 - 2025-11-17

Commits

v4.0.4 - 2025-07-16

Commits

v4.0.3 - 2025-06-05

Fixed

Commits

changeglob

13

12

11.1

11.0

10.4

10.3

10.2

10.1

changeglob

13

12

11.1

11.0

10.4

10.3

10.2

10.1

[4.1.1] - 2025-11-12

Security

6.14.2

6.14.1

v4.59.0

4.59.0

Features

Pull Requests

v4.58.0

4.58.0

Features