mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-16 23:21:44 -05:00
[PR #22769] [CLOSED] chore(deps): bump the npm_and_yarn group across 1 directory with 13 updates #26856
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/22769
Author: @dependabot[bot]
Created: 3/17/2026
Status: ❌ Closed
Base:
main← Head:dependabot/npm_and_yarn/npm_and_yarn-289a4d1b78📝 Commits (1)
38b9768chore(deps): bump the npm_and_yarn group across 1 directory with 13 updates📊 Changes
2 files changed (+564 additions, -694 deletions)
View changed files
📝
package-lock.json(+557 -687)📝
package.json(+7 -7)📄 Description
Bumps the npm_and_yarn group with 12 updates in the / directory:
3.2.63.3.34.0.04.2.17.11.07.24.46.21.26.24.15.42.25.53.133.1.23.1.55.0.35.1.54.1.04.1.114.1.014.1.16.13.06.14.24.22.44.59.07.4.37.5.111.13.71.13.8Updates
dompurifyfrom 3.2.6 to 3.3.3Release notes
Sourced from dompurify's releases.
Commits
8bcbf73chore: Preparing 3.3.3 release5faddd6fix: engine requirement (#1210)0f91e3aUpdate README.mdd5ff1a8Merge branch 'main' of github.com:cure53/DOMPurifyc3efd48fix: moved back from jsdom 28 to jsdom 20988b888fix: moved back from jsdom 28 to jsdom 202726c74chore: Preparing 3.3.2 release6202c7ebuild(deps): bump@tootallnate/onceand jsdom (#1204)302b51dfix: Expanded the regex ever so slightly to also cover scriptcd85175Merge branch 'main' of github.com:cure53/DOMPurifyUpdates
jspdffrom 4.0.0 to 4.2.1Release notes
Sourced from jspdf's releases.
Commits
4562ce84.2.14155c48Merge commit from fork87a40bbMerge commit from forkb1607a9Bump minimatch from 3.1.2 to 3.1.5 (#3961)42ac890Bump rollup from 2.79.2 to 2.80.0 (#3960)7af912c4.2.056b46d4Merge commit from fork2e5e156Merge commit from fork71ad2dbMerge commit from fork885a777fix: upgrade@babel/runtimefrom 7.28.4 to 7.28.6 (#3954)Updates
undicifrom 7.11.0 to 7.24.4Release notes
Sourced from undici's releases.
... (truncated)
Commits
4991f3eBumped v7.24.4ea3a06dfix(fetch): preserve path for credentialed URLs (#4892)9b96516Bumped v7.24.37926660Ignore .githuman9eaa5affix(h2): TypeError: Cannot read properties of null (reading 'push') in Reques...a9bfe21ignore .pif2e155bBumped v7.24.24d2d1afremove maxDecompressedMessageSize (#4891)3a05a4ffix fetch path logic (#4890)23e3cd3Bumped v7.24.1Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for undici since your current version.
Updates
undicifrom 6.21.2 to 6.24.1Release notes
Sourced from undici's releases.
... (truncated)
Commits
4991f3eBumped v7.24.4ea3a06dfix(fetch): preserve path for credentialed URLs (#4892)9b96516Bumped v7.24.37926660Ignore .githuman9eaa5affix(h2): TypeError: Cannot read properties of null (reading 'push') in Reques...a9bfe21ignore .pif2e155bBumped v7.24.24d2d1afremove maxDecompressedMessageSize (#4891)3a05a4ffix fetch path logic (#4890)23e3cd3Bumped v7.24.1Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for undici since your current version.
Updates
sveltefrom 5.42.2 to 5.53.13Release notes
Sourced from svelte's releases.
... (truncated)
Changelog
Sourced from svelte's changelog.
... (truncated)
Commits
6a303c3Version Packages (#17936)f081a6cfix: resume inert effects when they come from offscreen (#17942)1cd0645fix: remove nodes in boundary when work is pending and HMR is active (#17932)32a48edfix: don't eagerly access not-yet-initialized functions in template (#17938)b472171fix: ensure$inspectafter top level await doesn't break builds (#17943)d4bd6adfix: ensure "is standalone child" is correctly reset (#17944)98e8b63fix: discard batches made obsolete by commit (#17934)8b86bddVersion Packages (#17919)dcf4865chore: add "untracked allows writes" test (#17930)1ebed68fix: avoid traversing clean roots (#17928)Updates
minimatchfrom 3.1.2 to 3.1.5Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsUpdates
devaluefrom 5.1.1 to 5.6.4Release notes
Sourced from devalue's releases.
... (truncated)
Changelog
Sourced from devalue's changelog.
... (truncated)
Commits
6cbb3f5Version Packages (#133)40f1db1Merge commit from fork87c1f3cMerge commit from forka4a37d2Version Packages (#132)819f1acMerge commit from fork0f04d4dMerge commit from forkfcf4e88fix tests1d8a5eaVersion Packages (#131)1175584Merge commit from forke46afa6Merge commit from forkMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for devalue since your current version.
Updates
immutablefrom 5.0.3 to 5.1.5Release notes
Sourced from immutable's releases.
... (truncated)
Changelog
Sourced from immutable's changelog.
... (truncated)
Commits
b37b8555.1.516b3313Merge commit from forkfd2ef49fix new proto key injection6734b7bfix Prototype Pollution in mergeDeep, toJS, etc.6f772deMerge pull request #2175 from immutable-js/dependabot/npm_and_yarn/rollup-4.59.05f3dc61Bump rollup from 4.34.8 to 4.59.0049a594Merge pull request #2173 from immutable-js/dependabot/npm_and_yarn/lodash-4.1...2481a77Merge pull request #2172 from mrazauskas/update-tstycheeb04779Bump lodash from 4.17.21 to 4.17.23b973bf3formatMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.
Updates
js-yamlfrom 4.1.0 to 4.1.1Changelog
Sourced from js-yaml's changelog.
Commits
cc482e74.1.1 released50968b8dist rebuildd092d86lint fix383665ffix prototype pollution in merge (<<)0d3ca7aREADME.md: HTTP => HTTPS (#678)49baadddoc: 'empty' style option for !!nullba3460eFix demo link (#618)Updates
markdown-itfrom 14.1.0 to 14.1.1Changelog
Sourced from markdown-it's changelog.
Commits
b4a9b6514.1.1 released4b4bbcaFixed perf regression in linkify-it wrapperd2782d8Add supplementary example-driven documentation (#1092)Updates
qsfrom 6.13.0 to 6.14.2Changelog
Sourced from qs's changelog.
... (truncated)
Commits
bdcf0c7v6.14.2294db90[readme] document thataddQueryPrefixdoes not add?to empty output5c308e5[readme] clarifyparseArraysandarrayLimitdocumentation6addf8c[Fix]parse: mark overflow objects for indexed notation exceedingarrayLimitcfc108f[Fix]arrayLimitmeans max count, not max index, incombine/merge/`pars...febb644[Fix]parse: throw onarrayLimitexceeded with indexed notation when `thr...f6a7abf[Fix]parse: enforcearrayLimitoncomma-parsed valuesfbc5206[Fix]parse: fix error message to reflect arrayLimit as max index; remove e...1b9a8b4[actions] fix rebase workflow permissions2a35775[meta] fix changelog typo (arrayLength→arrayLimit)Updates
rollupfrom 4.22.4 to 4.59.0Release notes
Sourced from rollup's releases.