Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#1634

Merged
TheOrangePuff merged 2 commits intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-b23f7d3257
Mar 30, 2026
Merged

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#1634
TheOrangePuff merged 2 commits intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-b23f7d3257

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 27, 2026
edited
Loading

Bumps the npm_and_yarn group with 2 updates in the / directory: handlebars and picomatch.

Updates handlebars from 4.7.8 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view

Updates picomatch from 2.3.1 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 27, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 27, 2026 04:52
@dependabot dependabot bot requested review from NgaNaNa and aaronmedina-dev March 27, 2026 04:52
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 27, 2026
@TheOrangePuff
Copy link
Copy Markdown
Member

TheOrangePuff commented Mar 30, 2026

@dependabot rebase

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 2 up…
4d9d476 
…dates

Bumps the npm_and_yarn group with 2 updates in the / directory: [handlebars](https://github.com/handlebars-lang/handlebars.js) and [picomatch](https://github.com/micromatch/picomatch).


Updates `handlebars` from 4.7.8 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.8...v4.7.9)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

---
updated-dependencies:
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-b23f7d3257 branch from 5150530 to 4d9d476 Compare March 30, 2026 02:07
@TheOrangePuff TheOrangePuff merged commit 319d5ff into main Mar 30, 2026
1 check passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-b23f7d3257 branch March 30, 2026 02:12
@github-actions github-actions bot mentioned this pull request Mar 30, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TheOrangePuff TheOrangePuff TheOrangePuff approved these changes

@aaronmedina-dev aaronmedina-dev Awaiting requested review from aaronmedina-dev aaronmedina-dev is a code owner automatically assigned from aligent/devops

@NgaNaNa NgaNaNa Awaiting requested review from NgaNaNa NgaNaNa is a code owner automatically assigned from aligent/devops

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TheOrangePuff