Skip to content

build(deps): bump the npm_and_yarn group across 5 directories with 19 updates#406

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-82ffb0bba8
Closed

build(deps): bump the npm_and_yarn group across 5 directories with 19 updates#406
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-82ffb0bba8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 18 updates in the / directory:

Package From To
rollup 4.24.0 4.59.0
@babel/core 7.23.2 7.29.6
@babel/helpers 7.22.6 7.29.7
@babel/plugin-transform-modules-systemjs 7.23.0 7.29.7
flatted 3.2.7 3.4.2
follow-redirects 1.15.6 1.16.0
form-data 3.0.1 3.0.5
http-proxy-middleware 2.0.7 2.0.10
js-yaml 3.14.1 3.15.0
jsonpath 1.1.1 1.3.0
nanoid 3.3.6 3.3.15
node-forge 1.3.1 1.4.0
picomatch 2.3.1 2.3.2
validator 13.11.0 13.15.35
webpack-dev-server 4.15.1 4.15.2
webpack 5.95.0 5.108.4
ws 7.5.10 7.5.11
yaml 1.10.2 1.10.3

Bumps the npm_and_yarn group with 1 update in the /packages/openfeature-server-provider directory: rollup.
Bumps the npm_and_yarn group with 1 update in the /packages/openfeature-web-provider directory: rollup.
Bumps the npm_and_yarn group with 1 update in the /packages/react directory: rollup.
Bumps the npm_and_yarn group with 1 update in the /packages/sdk directory: rollup.

Updates rollup from 4.24.0 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

  • Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

v4.58.0

4.58.0

2026-02-20

Features

  • Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

v4.57.1

4.57.1

2026-01-30

Bug Fixes

  • Fix heap corruption issue in Windows (#6251)
  • Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

  • Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

4.58.0

2026-02-20

Features

  • Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

4.57.1

2026-01-30

Bug Fixes

  • Fix heap corruption issue in Windows (#6251)
  • Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for rollup since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates @babel/core from 7.23.2 to 7.29.6

Release notes

Sourced from @​babel/core's releases.

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

📝 Documentation

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/core since your current version.


Updates @babel/helpers from 7.22.6 to 7.29.7

Release notes

Sourced from @​babel/helpers's releases.

v7.29.7 (2026-05-25)

Re-release all packages with npm provenance attestations

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

  • babel-parser

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/helpers since your current version.


Updates @babel/plugin-transform-modules-systemjs from 7.23.0 to 7.29.7

Release notes

Sourced from @​babel/plugin-transform-modules-systemjs's releases.

v7.29.7 (2026-05-25)

Re-release all packages with npm provenance attestations

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

  • babel-parser

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/plugin-transform-modules-systemjs since your current version.


Updates flatted from 3.2.7 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

Updates follow-redirects from 1.15.6 to 1.16.0

Commits
  • 0c23a22 Release version 1.16.0 of the npm package.
  • 844c4d3 Add sensitiveHeaders option.
  • 5e8b8d0 ci: add Node.js 24.x to the CI matrix
  • 7953e22 ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6
  • 86dc1f8 Sanitizing input.
  • 21ef28a Release version 1.15.11 of the npm package.
  • 7c88135 Roll back tree shaking.
  • 6e389ba Release version 1.15.10 of the npm package.
  • 5bc496e Shake me up before you go-go.
  • 694d6b4 Bump minimist from 1.2.5 to 1.2.8
  • Additional commits viewable in compare view

Updates form-data from 3.0.1 to 3.0.5

Changelog

Sourced from form-data's changelog.

v3.0.5 - 2026-06-12

Commits

  • [Fix] escape CR, LF, and " in field names and filenames 8777e67
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, tape 27c61a5
  • [Deps] update hasown 6a8a1c6

v3.0.4 - 2025-07-16

Fixed

Commits

  • [eslint] update linting config f5e7eb0
  • [meta] add auto-changelog d2eb290
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
  • [Fix] Switch to using crypto random for boundary values c6ced61
  • [Refactor] use hasown 1a78b5d
  • [Fix] validate boundary type in setBoundary() method 70bbaa0
  • [Tests] add tests to check the behavior of getBoundary with non-strings b22a64e
  • [meta] actually ensure the readme backup isn’t published 0150851
  • [meta] remove local commit hooks fc42bb9
  • [Dev Deps] remove unused deps a14d09e
  • [meta] fix scripts to use prepublishOnly 11d9f73
  • [meta] fix readme capitalization fc38b48

v3.0.3 - 2025-02-14

Merged

Fixed

Commits

  • [Refactor] use Object.prototype.hasOwnProperty.call 7fecefe
  • [Dev Deps] update @types/node, browserify, coveralls, cross-spawn, eslint, formidable, in-publish, pkgfiles, pre-commit, puppeteer, request, tape, typescript 8261fcb
  • Only apps should have lockfiles b82f590
  • [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl e5df7f2
  • [Deps] update mime-types 5a5bafe

v3.0.2 - 2024-10-10

Merged

... (truncated)

Commits
  • be3f3cf v3.0.5
  • 6a8a1c6 [Deps] update hasown
  • 27c61a5 [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, tape
  • 8777e67 [Fix] escape CR, LF, and " in field names and filenames
  • 9c82fcd v3.0.4
  • e8c574c [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
  • c6ced61 [Fix] Switch to using crypto random for boundary values
  • 0150851 [meta] actually ensure the readme backup isn’t published
  • fc38b48 [meta] fix readme capitalization
  • d2eb290 [meta] add auto-changelog
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


Updates http-proxy-middleware from 2.0.7 to 2.0.10

Release notes

Sourced from http-proxy-middleware's releases.

v2.0.10-beta.0

What's Changed

New Contributors

Full Changelog: chimurai/http-proxy-middleware@v2.0.9...v2.0.10-beta.0

v2.0.9

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v2.0.8...v2.0.9

v2.0.8

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v2.0.7...v2.0.8

Changelog

Sourced from http-proxy-middleware's changelog.

v2.0.10

  • fix(router): harden proxy-table matching (exact host for host+path keys, prefix-only path matching) to prevent routing bypass

v2.0.9

  • fix(fixRequestBody): check readableLength

v2.0.8

  • fix(fixRequestBody): prevent multiple .write() calls
  • fix(fixRequestBody): handle invalid request
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for http-proxy-middleware since your current version.


Updates js-yaml from 3.14.1 to 3.15.0

Changelog

Sourced from js-yaml's changelog.

4.3.0, 3.15.0 - 2026-06-27

Security

  • Backported maxTotalMergeKeys option.

[5.2.0] - 2026-06-26

Added

  • Added maxTotalMergeKeys (10000) loader option to limit the total number of keys processed by YAML merge (<<) across one load() / loadAll() call.
  • Added maxAliases (-1) loader option to limit the number of YAML aliases per document.

Removed

  • maxMergeSeqLength replaced with maxTotalMergeKeys for limiting YAML merge processing.

Fixed

  • Round-trip of integers with exponential form (>= 1e21)

[5.1.0] - 2026-06-23

Added

  • Collection tags can finalize an incrementally populated carrier into a different result value.

Changed

  • [breaking] quoteStyle now selects the preferred quote style; use the restored forceQuotes option to force quoting non-key strings.

[5.0.0] - 2026-06-20

Added

  • Added named exports for schemas, tags, parser events and AST utilities.
  • Reworked JSON_SCHEMA and CORE_SCHEMA with spec-compliant scalar resolution rules, and added YAML11_SCHEMA.
  • Added realMapTag for lossless mappings with non-string and complex keys. Object-based mappings now reject complex keys instead of stringifying them.
  • Added dump() transform option for changing the generated AST before rendering.
  • Added dump() options seqInlineFirst, flowBracketPadding, flowSkipCommaSpace, flowSkipColonSpace, quoteFlowKeys, quoteStyle and tagBeforeAnchor.
  • Added formal data layers (events and AST) for modular data pipelines.
    • Added low-level parser (to events), presenter and visitor APIs.
  • Added the YAML Test Suite to the test set.

Changed

  • See the migration guide for upgrade notes.
  • Rewritten in TypeScript and reorganized the public API around flat named exports.

... (truncated)

Commits

Updates jsonpath from 1.1.1 to 1.3.0

Commits

Updates nanoid from 3.3.6 to 3.3.15

Release notes

Sourced from nanoid's releases.

3.3.15

  • Fixed npm provenance error.

3.3.14

  • Fixed random pool corruption on big ID sizes.

3.3.13

  • Reduced npm package size.

3.3.12

  • Fixed breaking Nano ID by requesting big ID.

3.3.11

  • Fixed React Native support.

3.3.10

3.3.9

  • Reduced npm package size.
Changelog

Sourced from nanoid's changelog.

3.3.15

  • Fixed npm provenance error.

3.3.14

  • Fixed random pool corruption on big ID sizes.

3.3.13

  • Reduced npm package size.

3.3.12

  • Fixed breaking Nano ID by requesting big ID.

3.3.11

  • Fixed React Native support.

3.3.10

3.3.9

  • Reduced npm package size.

3.3.8

  • Fixed a way to brake Nano ID by passing non-integer size (by @​myndzi).

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for nanoid since your current version.


Updates node-forge from 1.3.1 to 1.4.0

Changelog

Sourced from node-forge's changelog.

1.4.0 - 2026-03-24

Security

  • HIGH: Denial of Service in BigInteger.modInverse()
    • A Denial of Service (DoS) vulnerability exists due to an infinite loop in the BigInteger.modInverse() function (inherited from the bundled jsbn library). When modInverse() is called with a zero value as input, the internal Extended Euclidean Algorithm enters an unreachable exit condition, causing the process to hang indefinitely and consume 100% CPU.
    • Reported by Kr0emer.
    • CVE ID: CVE-2026-33891
    • GHSA ID: GHSA-5gfm-wpxj-wjgq
  • HIGH: Signature forgery in RSA-PKCS due to ASN.1 extra field.
    • RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing "garbage" bytes within the ASN.1 structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN.1 structure, rather than outside of it.
    • Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries.
    • Reported as part of a U.C. Berkeley security research project by:
      • Austin Chu, Sohee Kim, and Corban Villa.
    • CVE ID: CVE-2026-33894
    • GHSA ID: GHSA-ppp5-5v6c-4jwp
  • HIGH: Signature forgery in Ed25519 due to missing S < L check.
    • Ed25519 signature verification accepts forged non-canonical signatures where the scalar S is not reduced modulo the group order (S >= L). A valid signature and its S + L variant both verify in forge, while Node.js crypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the specification. This class of signature malleability has been exploited in practice to bypass authentication and authorization logic (see CVE-2026-25793, CVE-2022-35961). Applications relying on signature uniqueness (i.e., dedup by signature bytes, replay tracking, signed-object canonicalization checks) may be bypassed.
    • Reported as part of a U.C. Berkeley security research project by:
      • Austin Chu, Sohee Kim, and Corban Villa.
    • CVE ID: CVE-2026-33895
    • GHSA ID: GHSA-q67f-28xg-22rw
  • HIGH: basicConstraints bypass in certificate chain verification.
    • pki.verifyCertificateChain() does not enforce RFC 5280 basicConstraints requirements when an intermediate certificate lacks both the basicConstraints and keyUsage extensions. This allows any leaf certificate (without these extensions) to act as a CA and sign other certificates, which node-forge will accept as valid.
    • Reported by Doruk Tan Ozturk (@​peaktwilight) - doruk.ch
    • CVE ID: CVE-2026-33896
    • GHSA ID: GHSA-2328-f5f3-gj25

... (truncated)

Commits

… updates

Bumps the npm_and_yarn group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [rollup](https://github.com/rollup/rollup) | `4.24.0` | `4.59.0` |
| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.23.2` | `7.29.6` |
| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.6` | `7.29.7` |
| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.23.0` | `7.29.7` |
| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |
| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.5` |
| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.7` | `2.0.10` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.15.0` |
| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |
| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.15` |
| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |
| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |
| [validator](https://github.com/validatorjs/validator.js) | `13.11.0` | `13.15.35` |
| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `4.15.2` |
| [webpack](https://github.com/webpack/webpack) | `5.95.0` | `5.108.4` |
| [ws](https://github.com/websockets/ws) | `7.5.10` | `7.5.11` |
| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |

Bumps the npm_and_yarn group with 1 update in the /packages/openfeature-server-provider directory: [rollup](https://github.com/rollup/rollup).
Bumps the npm_and_yarn group with 1 update in the /packages/openfeature-web-provider directory: [rollup](https://github.com/rollup/rollup).
Bumps the npm_and_yarn group with 1 update in the /packages/react directory: [rollup](https://github.com/rollup/rollup).
Bumps the npm_and_yarn group with 1 update in the /packages/sdk directory: [rollup](https://github.com/rollup/rollup).


Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `@babel/core` from 7.23.2 to 7.29.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.6/packages/babel-core)

Updates `@babel/helpers` from 7.22.6 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers)

Updates `@babel/plugin-transform-modules-systemjs` from 7.23.0 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs)

Updates `flatted` from 3.2.7 to 3.4.2
- [Commits](WebReflection/flatted@v3.2.7...v3.4.2)

Updates `follow-redirects` from 1.15.6 to 1.16.0
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.6...v1.16.0)

Updates `form-data` from 3.0.1 to 3.0.5
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v3.0.1...v3.0.5)

Updates `http-proxy-middleware` from 2.0.7 to 2.0.10
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.10/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.7...v2.0.10)

Updates `js-yaml` from 3.14.1 to 3.15.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.1...3.15.0)

Updates `jsonpath` from 1.1.1 to 1.3.0
- [Commits](https://github.com/dchester/jsonpath/commits)

Updates `nanoid` from 3.3.6 to 3.3.15
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/3.3.15/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.6...3.3.15)

Updates `node-forge` from 1.3.1 to 1.4.0
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.1...v1.4.0)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `underscore` from 1.12.1 to 1.13.6
- [Commits](jashkenas/underscore@1.12.1...1.13.6)

Updates `validator` from 13.11.0 to 13.15.35
- [Release notes](https://github.com/validatorjs/validator.js/releases)
- [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md)
- [Commits](validatorjs/validator.js@13.11.0...13.15.35)

Updates `webpack-dev-server` from 4.15.1 to 4.15.2
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v4.15.2/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v4.15.1...v4.15.2)

Updates `webpack` from 5.95.0 to 5.108.4
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.95.0...v5.108.4)

Updates `ws` from 7.5.10 to 7.5.11
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.10...7.5.11)

Updates `yaml` from 1.10.2 to 1.10.3
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v1.10.2...v1.10.3)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

Updates `rollup` from 4.24.0 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.24.0...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/core"
  dependency-version: 7.29.6
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/helpers"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/plugin-transform-modules-systemjs"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 3.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-proxy-middleware
  dependency-version: 2.0.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 3.15.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsonpath
  dependency-version: 1.3.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.15
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.4.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: underscore
  dependency-version: 1.13.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: validator
  dependency-version: 13.15.35
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
  dependency-version: 4.15.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.108.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 7.5.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: yaml
  dependency-version: 1.10.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 7, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 7, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #407.

@dependabot dependabot Bot closed this Jul 7, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm_and_yarn-82ffb0bba8 branch July 7, 2026 06:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants