Skip to content

chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates#1149

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe
Open

chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates#1149
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 2, 2026
edited
Loading

Bumps the npm_and_yarn group with 9 updates in the /customer-center directory:

Package From To
brace-expansion 1.1.11 1.1.13
flatted 3.2.4 3.4.2
handlebars 4.7.7 4.7.9
immutable 4.0.0 4.3.8
lodash 4.17.23 4.18.1
minimatch 3.1.2 3.1.5
picomatch 2.2.2 2.3.2
socket.io-parser 4.2.4 4.2.6
underscore 1.13.2 1.13.8

Bumps the npm_and_yarn group with 1 update in the /ember directory: rollup.

Updates brace-expansion from 1.1.11 to 1.1.13

Release notes

Sourced from brace-expansion's releases.

v1.1.12

  • pkg: publish on tag 1.x c460dbd
  • fmt ccb8ac6
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

Updates flatted from 3.2.4 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

Updates handlebars from 4.7.7 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

v4.7.8

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

v4.7.8 - July 27th, 2023

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.


Updates immutable from 4.0.0 to 4.3.8

Release notes

Sourced from immutable's releases.

v4.3.8

Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable

v4.3.7

What's Changed

Full Changelog: immutable-js/immutable-js@v4.3.6...v4.3.7

v4.3.6

What's Changed

Internals

New Contributors

Full Changelog: immutable-js/immutable-js@v4.3.5...v4.3.6

v4.3.5

What's Changed

New Contributors

Full Changelog: immutable-js/immutable-js@v4.3.4...v4.3.5

4.3.4

What's Changed

Full Changelog: immutable-js/immutable-js@v4.3.3...v4.3.4

v4.3.3

What's Changed

... (truncated)

Changelog

Sourced from immutable's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning. Dates are formatted as YYYY-MM-DD.

Unreleased

5.1.5

  • Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable

5.1.4

Documentation

Internal

5.1.3

TypeScript

Documentation

There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples. We added a page about browser extensions too: https://immutable-js.com/browser-extension/

Internal

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.


Updates lodash from 4.17.23 to 4.18.1

Release notes

Sourced from lodash's releases.

4.18.1

Bugs

Fixes a ReferenceError issue in lodash lodash-es lodash-amd and lodash.template when using the template and fromPairs functions from the modular builds. See lodash/lodash#6167

These defects were related to how lodash distributions are built from the main branch using https://github.com/lodash-archive/lodash-cli. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.

There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:

4.18.0

v4.18.0

Full Changelog: lodash/lodash@4.17.23...4.18.0

Security

_.unset / _.omit: Fixed prototype pollution via constructor/prototype path traversal (GHSA-f23m-r3pf-42rh, fe8d32e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now constructor and prototype are blocked unconditionally as non-terminal path keys, matching baseSet. Calls that previously returned true and deleted the property now return false and leave the target untouched.

_.template: Fixed code injection via imports keys (GHSA-r5fr-rjxr-66jc, CVE-2026-4800, 879aaa9). Fixes an incomplete patch for CVE-2021-23337. The variable option was validated against reForbiddenIdentifierChars but importsKeys was left unguarded, allowing code injection via the same Function() constructor sink. imports keys containing forbidden identifier characters now throw "Invalid imports option passed into _.template".

Docs

  • Add security notice for _.template in threat model and API docs (#6099)
  • Document lower > upper behavior in _.random (#6115)
  • Fix quotes in _.compact jsdoc (#6090)

lodash.* modular packages

Diff

We have also regenerated and published a select number of the lodash.* modular packages.

These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:

Commits
  • cb0b9b9 release(patch): bump main to 4.18.1 (#6177)
  • 75535f5 chore: prune stale advisory refs (#6170)
  • 62e91bc docs: remove n_ Node.js < 6 REPL note from README (#6165)
  • 59be2de release(minor): bump to 4.18.0 (#6161)
  • af63457 fix: broken tests for _.template 879aaa9
  • 1073a76 fix: linting issues
  • 879aaa9 fix: validate imports keys in _.template
  • fe8d32e fix: block prototype pollution in baseUnset via constructor/prototype traversal
  • 18ba0a3 refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)
  • b819080 ci: add dist sync validation workflow (#6137)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates picomatch from 2.2.2 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

2.3.1

Fixed

  • Fixes bug when a pattern containing an expression after the closing parenthesis (/!(*.d).{ts,tsx}) was incorrectly converted to regexp (9f241ef).

Changed

2.2.3

Fixed

  • Do not skip pattern seperator for square brackets (fb08a30).
  • Set negatedExtGlob also if it does not span the whole pattern (032e3f5).
Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits
  • 81cba8d Publish 2.3.2
  • fc1f6b6 Merge commit from fork
  • eec17ae Merge commit from fork
  • 78f8ca4 Merge pull request #156 from micromatch/backport-144
  • 3f4f10e Merge pull request #144 from Jason3S/jdent-object-properties
  • 5467a5a 2.3.1
  • 9f241ef Merge pull request #102 from micromatch/ISSUE-93_incorrect_extglob_expanding
  • ac3cb66 fix: support stars in negation extglobs with expression after closing parenth...
  • 719d348 Merge pull request #85 from XhmikosR/codeql
  • ac74e57 Merge pull request #91 from XhmikosR/patch-1
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by danez, a new releaser for picomatch since your current version.


Updates socket.io-parser from 4.2.4 to 4.2.6

Release notes

Sourced from socket.io-parser's releases.

[email protected]

This release includes a fix for CVE-2026-33151. Please upgrade as soon as possible.

Bug Fixes

  • add a limit to the number of binary attachments (b25738c)

[email protected]

This release contains a bump of debug from ~4.3.1 to ~4.4.1.

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for socket.io-parser since your current version.


Updates underscore from 1.13.2 to 1.13.8

Commits
  • 9374840 Merge branch 'release/1.13.8'
  • 309ad7e Re-generate annotated sources and minified codemaps
  • a1ac1d3 Add links to diff and docs in 1.13.8 change log entry
  • b579595 Mention CVE-2026-27601 in comments and documentation (#3011)
  • 45ea015 Revert obfuscations from 42823bb.
  • 4a4019e Update minified bundles
  • 1ccfdd0 Add preliminary release notes for 1.13.8
  • 42823bb Temporarily obfuscate comments
  • a6e23ae Make _.isEqual nonrecursive
  • f2b5164 Add regression test against stack overflow in _.isEqual
  • Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.13

Release notes

Sourced from brace-expansion's releases.

v1.1.12

  • pkg: publish on tag 1.x c460dbd
  • fmt ccb8ac6
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

Updates flatted from 3.2.4 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

Updates handlebars from 4.7.7 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

v4.7.8

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

v4.7.8 - July 27th, 2023

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.


Updates lodash from 4.17.23 to 4.18.1

Release notes

Sourced from lodash's releases.

4.18.1

Bugs

Fixes a ReferenceError issue in lodash lodash-es lodash-amd and lodash.template when using the template and fromPairs functions from the modular builds. See lodash/lodash#6167

These defects were related to how lodash distributions are built from the main branch using https://github.com/lodash-archive/lodash-cli. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.

There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:

4.18.0

v4.18.0

Full Changelog: lodash/lodash@4.17.23...4.18.0

Security

_.unset / _.omit: Fixed prototype pollution via constructor/prototype path traversal (GHSA-f23m-r3pf-42rh, fe8d32e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now constructor and prototype are blocked unconditionally as non-terminal path keys, matching baseSet. Calls that previously returned true and deleted the property now return false and leave the target untouched.

_.template: Fixed code injection via imports keys (GHSA-r5fr-rjxr-66jc, CVE-2026-4800, 879aaa9). Fixes an incomplete patch for CVE-2021-23337. The variable option was validated against reForbiddenIdentifierChars but importsKeys was left unguarded, allowing code injection via the same Function() constructor sink. imports keys containing forbidden identifier characters now throw "Invalid imports option passed into _.template".

Docs

  • Add security notice for _.template in threat model and API docs (#6099)
  • Document lower > upper behavior in _.random (#6115)
  • Fix quotes in _.compact jsdoc (#6090)

lodash.* modular packages

Diff

We have also regenerated and published a select number of the lodash.* modular packages.

These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:

Commits
  • cb0b9b9 release(patch): bump main to 4.18.1 (#6177)
  • 75535f5 chore: prune stale advisory refs (#6170)
  • 62e91bc docs: remove n_ Node.js < 6 REPL note from README (#6165)
  • 59be2de release(minor): bump to 4.18.0 (#6161)
  • af63457 fix: broken tests for _.template 879aaa9
  • 1073a76 fix: linting issues
  • 879aaa9 fix: validate imports keys in _.template
  • fe8d32e fix: block prototype pollution in baseUnset via constructor/prototype traversal
  • 18ba0a3 refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)
  • b819080 ci: add dist sync validation workflow (#6137)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 2, 2026
@dependabot dependabot Bot mentioned this pull request Apr 2, 2026
Closed
@dependabot dependabot Bot requested a review from a team as a code owner April 2, 2026 08:34
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 2, 2026
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 2, 2026

@dependabot rebase

@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 2, 2026

@dependabot squash and merge

c0rydoras
c0rydoras previously approved these changes Apr 2, 2026
View reviewed changes
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe branch from a168af5 to 53b2881 Compare April 2, 2026 12:09
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 2, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe branch from 53b2881 to a6507d4 Compare April 2, 2026 13:22
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 2, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe branch from a6507d4 to 08dd041 Compare April 2, 2026 14:03
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 7, 2026

@dependabot update

@dependabot
chore(deps): bump the npm_and_yarn group across 2 directories with 10…
1a3cb66 
… updates

Bumps the npm_and_yarn group with 9 updates in the /customer-center directory:

| Package | From | To |
| --- | --- | --- |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |
| [flatted](https://github.com/WebReflection/flatted) | `3.2.4` | `3.4.2` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |
| [immutable](https://github.com/immutable-js/immutable-js) | `4.0.0` | `4.3.8` |
| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |
| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |
| [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.4` | `4.2.6` |
| [underscore](https://github.com/jashkenas/underscore) | `1.13.2` | `1.13.8` |

Bumps the npm_and_yarn group with 1 update in the /ember directory: [rollup](https://github.com/rollup/rollup).


Updates `brace-expansion` from 1.1.11 to 1.1.13
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.13)

Updates `flatted` from 3.2.4 to 3.4.2
- [Commits](WebReflection/flatted@v3.2.4...v3.4.2)

Updates `handlebars` from 4.7.7 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.7...v4.7.9)

Updates `immutable` from 4.0.0 to 4.3.8
- [Release notes](https://github.com/immutable-js/immutable-js/releases)
- [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md)
- [Commits](immutable-js/immutable-js@v4.0.0...v4.3.8)

Updates `lodash` from 4.17.23 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.23...4.18.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `picomatch` from 2.2.2 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.2.2...2.3.2)

Updates `socket.io-parser` from 4.2.4 to 4.2.6
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/[email protected]@4.2.6)

Updates `underscore` from 1.13.2 to 1.13.8
- [Commits](jashkenas/underscore@1.13.2...1.13.8)

Updates `rollup` from 4.55.1 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.55.1...v4.59.0)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 1.1.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: immutable
  dependency-version: 4.3.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io-parser
  dependency-version: 4.2.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: underscore
  dependency-version: 1.13.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/customer-center/npm_and_yarn-c25572cebe branch from 08dd041 to 1a3cb66 Compare April 7, 2026 13:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@c0rydoras c0rydoras c0rydoras left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@c0rydoras