mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-16 06:03:26 -05:00
[PR #22872] [CLOSED] chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates #49948
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/22872
Author: @dependabot[bot]
Created: 3/20/2026
Status: ❌ Closed
Base:
main← Head:dependabot/npm_and_yarn/npm_and_yarn-41f0952b8d📝 Commits (1)
34a4800chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates📊 Changes
2 files changed (+597 additions, -702 deletions)
View changed files
📝
package-lock.json(+590 -695)📝
package.json(+7 -7)📄 Description
Bumps the npm_and_yarn group with 14 updates in the / directory:
3.2.63.3.34.0.04.2.17.11.07.24.56.21.26.24.15.42.25.54.03.1.23.1.53.3.13.4.25.0.35.1.54.1.04.1.114.1.014.1.16.13.06.14.24.22.44.59.04.2.44.2.67.4.37.5.111.13.71.13.8Updates
dompurifyfrom 3.2.6 to 3.3.3Release notes
Sourced from dompurify's releases.
Commits
8bcbf73chore: Preparing 3.3.3 release5faddd6fix: engine requirement (#1210)0f91e3aUpdate README.mdd5ff1a8Merge branch 'main' of github.com:cure53/DOMPurifyc3efd48fix: moved back from jsdom 28 to jsdom 20988b888fix: moved back from jsdom 28 to jsdom 202726c74chore: Preparing 3.3.2 release6202c7ebuild(deps): bump@tootallnate/onceand jsdom (#1204)302b51dfix: Expanded the regex ever so slightly to also cover scriptcd85175Merge branch 'main' of github.com:cure53/DOMPurifyUpdates
jspdffrom 4.0.0 to 4.2.1Release notes
Sourced from jspdf's releases.
Commits
4562ce84.2.14155c48Merge commit from fork87a40bbMerge commit from forkb1607a9Bump minimatch from 3.1.2 to 3.1.5 (#3961)42ac890Bump rollup from 2.79.2 to 2.80.0 (#3960)7af912c4.2.056b46d4Merge commit from fork2e5e156Merge commit from fork71ad2dbMerge commit from fork885a777fix: upgrade@babel/runtimefrom 7.28.4 to 7.28.6 (#3954)Updates
undicifrom 7.11.0 to 7.24.5Release notes
Sourced from undici's releases.
... (truncated)
Commits
51fd661Bumped v7.24.5 (#4915)9077500fix(cache): only apply 1-year deleteAt for immutable responses (#4913)1c5dc1atest: add unexpected disconnect guards to more client test files (#4844)2885361Formdata tests (#4902)4991f3eBumped v7.24.4ea3a06dfix(fetch): preserve path for credentialed URLs (#4892)9b96516Bumped v7.24.37926660Ignore .githuman9eaa5affix(h2): TypeError: Cannot read properties of null (reading 'push') in Reques...a9bfe21ignore .piMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for undici since your current version.
Updates
undicifrom 6.21.2 to 6.24.1Release notes
Sourced from undici's releases.
... (truncated)
Commits
51fd661Bumped v7.24.5 (#4915)9077500fix(cache): only apply 1-year deleteAt for immutable responses (#4913)1c5dc1atest: add unexpected disconnect guards to more client test files (#4844)2885361Formdata tests (#4902)4991f3eBumped v7.24.4ea3a06dfix(fetch): preserve path for credentialed URLs (#4892)9b96516Bumped v7.24.37926660Ignore .githuman9eaa5affix(h2): TypeError: Cannot read properties of null (reading 'push') in Reques...a9bfe21ignore .piMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for undici since your current version.
Updates
sveltefrom 5.42.2 to 5.54.0Release notes
Sourced from svelte's releases.
... (truncated)
Changelog
Sourced from svelte's changelog.
... (truncated)
Commits
7ec156aVersion Packages (#17953)c89f6abfeat: allowcss,runes,customElementcompiler options to be functions ...5faf102fix: reinstate reactivity loss tracking (#17801)6a303c3Version Packages (#17936)f081a6cfix: resume inert effects when they come from offscreen (#17942)1cd0645fix: remove nodes in boundary when work is pending and HMR is active (#17932)32a48edfix: don't eagerly access not-yet-initialized functions in template (#17938)b472171fix: ensure$inspectafter top level await doesn't break builds (#17943)d4bd6adfix: ensure "is standalone child" is correctly reset (#17944)98e8b63fix: discard batches made obsolete by commit (#17934)Updates
minimatchfrom 3.1.2 to 3.1.5Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsUpdates
devaluefrom 5.1.1 to 5.6.4Release notes
Sourced from devalue's releases.
... (truncated)
Changelog
Sourced from devalue's changelog.
... (truncated)
Commits
6cbb3f5Version Packages (#133)40f1db1Merge commit from fork87c1f3cMerge commit from forka4a37d2Version Packages (#132)819f1acMerge commit from fork0f04d4dMerge commit from forkfcf4e88fix tests1d8a5eaVersion Packages (#131)1175584Merge commit from forke46afa6Merge commit from forkMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for devalue since your current version.
Updates
flattedfrom 3.3.1 to 3.4.2Commits
3bf09093.4.2885ddccfix CWE-13210bdba70added flatted-view to the benchmark2a02dce3.4.1fba4e8fMerge pull request #89 from WebReflection/python-fix5fe8648added "when in Rome" also a test for PHP53517adsome minor improvementb3e2a0cFixing recursion issue in Python tooc4b46dbAdd SECURITY.md for security policy and reportingf86d071Create dependabot.yml for version updatesUpdates
immutablefrom 5.0.3 to 5.1.5Release notes
Sourced from immutable's releases.
... (truncated)
Changelog
Sourced from immutable's changelog.
... (truncated)
Commits
b37b8555.1.516b3313Merge commit from forkfd2ef49fix new proto key injection6734b7bfix Prototype Pollution in mergeDeep, toJS, etc.6f772deMerge pull request #2175 from immutable-js/dependabot/npm_and_yarn/rollup-4.59.05f3dc61Bump rollup from 4.34.8 to 4.59.0049a594Merge pull request #2173 from immutable-js/dependabot/npm_and_yarn/lodash-4.1...2481a77Merge pull request #2172 from mrazauskas/update-tstycheeb04779Bump lodash from 4.17.21 to 4.17.23b973bf3formatMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.
Updates
js-yamlfrom 4.1.0 to 4.1.1Changelog
Sourced from js-yaml's changelog.
Commits
cc482e74.1.1 released50968b8dist rebuildd092d86lint fix383665ffix prototype pollution in merge (<<)0d3ca7aREADME.md: HTTP => HTTPS (#678)49baadddoc: 'empty' style option for !!nullba3460eFix demo link (#618)Updates
markdown-itfrom 14.1.0 to 14.1.1Changelog
Sourced from markdown-it's changelog.
Commits
b4a9b6514.1.1 released4b4bbcaFixed perf regression in linkify-it wrapperd2782d8Add supplementary example-driven documentation (#1092)Updates
qsfrom 6.13.0 to 6.14.2Changelog
Sourced from qs's changelog.
... (truncated)
Commits
bdcf0c7v6.14.2294db90[readme] document thataddQueryPrefixdoes not add?to empty output5c308e5[readme] clarifyparseArraysandarrayLimitdocumentation6addf8c[Fix]parse: mark overflow objects for indexed notation exceedingarrayLimitcfc108f[Fix]arrayLimitmeans max count, not max index, incombine/merge/`pars...febb644[Fix]parse: throw onarrayLimitexceeded with indexed notation when `thr...f6a7abf[Fix]parse: enforcearrayLimitoncomma-parsed valuesfbc5206[Fix]parse: fix error message to reflect arrayLimit as max index; remove e...1b9a8b4[actions] fix rebase workflow permissions2a35775[meta] fix changelog typo (arrayLength→arrayLimit)Updates
rollupfrom 4.22.4 to 4.59.0Release notes
Sourced from rollup's releases.