Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 8 updates #417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 8 updates #417

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 23, 2026

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
next 14.2.32 14.2.35
storybook 8.1.6 8.6.15
wrangler 3.79.0 3.114.17
diff 5.2.0 5.2.2
js-yaml 3.14.1 3.14.2
lodash 4.17.21 4.17.23
qs 6.12.1 6.13.0

Updates next from 14.2.32 to 14.2.35

Release notes

Sourced from next's releases.

v14.2.35

Please see the Next.js Security Update for information about this security patch.

Commits

Updates storybook from 8.1.6 to 8.6.15

Release notes

Sourced from storybook's releases.

v8.6.15

8.6.15

Changelog

Sourced from storybook's changelog.

10.2.0

Improved UI and story authoring ergonomics

Storybook 10.2 contains hundreds of fixes and improvement including:

  • 💅 New Viewports and Zoom UI
  • 🏭 Typesafe CSF factories for Vue, Angular, Web Components (preview)
  • 📄 MDX support for Storybook MCP (experimental)

... (truncated)

Commits
  • 3812b43 Bump version from 8.6.14 to 8.6.15 MANUALLY
  • 4a04cb2 filter env vars from .env files
  • ab87178 Bump version from "8.6.13" to "8.6.14" [skip ci]
  • b210eed Update frameworks.ts
  • fe5ea89 Fix lint
  • 8c12257 Merge branch 'latest-release'
  • 8fa9049 Bump version from "8.6.12" to "8.6.13" [skip ci]
  • 31fcb75 Merge pull request #30930 from storybookjs/shilman/cli-new-users
  • 9c3f7f1 Merge pull request #28413 from yann-combarnous/fix/interaction-call-date-param
  • 1c35b29 Bump version from "8.6.11" to "8.6.12" [skip ci]
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by storybook-bot, a new releaser for storybook since your current version.


Updates wrangler from 3.79.0 to 3.114.17

Release notes

Sourced from wrangler's releases.

wrangler@3.114.17

Patch Changes

  • #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

    Pass user provided values from --commit-hash safely to underlying git command.

wrangler@3.114.16

Patch Changes

  • #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

  • #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

  • #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

    Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

  • #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

  • #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

  • #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

    When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

  • #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

  • #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

  • #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

  • #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

    --e now aliases --env only, and NOT --expires.

  • #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

  • #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

  • #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

  • #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

  • #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

  • #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

  • #11601 62754f8 Thanks @​petebacondarwin! - Fix "TypeError: Body is unusable: Body has already been read" when failing to exchange oauth code because of double response.text().

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.114.17

Patch Changes

  • #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

    Pass user provided values from --commit-hash safely to underlying git command.

3.114.16

Patch Changes

  • #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

  • #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

  • #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

    Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

  • #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

  • #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

  • #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

    When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

  • #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

  • #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

  • #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

  • #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

    --e now aliases --env only, and NOT --expires.

  • #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

  • #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

  • #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

  • #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

  • #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

  • #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

... (truncated)

Commits
  • f21ee75 Version Packages (#11895)
  • 6d5557b fix: execute git commands in pages deploy safely (#11889) (#11891)
  • 0e19ae9 Version Packages (#10906)
  • 3db872a [v3 backport] Backport tail-based logging from #11135 and #11346 (#11138)
  • 02d2ea9 Fix remote dev with Access (#10961)
  • 9bab0a0 fix(wrangler): add warning when account_id mismatch detected on auth error (v...
  • 4b18c6f Introduce internal isWorkerNotFoundError utility and avoid worker-not-found...
  • ed8aaef fix(wrangler): close FileHandle in to support Node 25 (#11491)
  • c78d942 V3 backport of #11467: prevent SQLite users error from being reported to Sent...
  • cc29ead fix: respect TypeScript path aliases when resolving non-JS modules with modul...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for wrangler since your current version.


Updates cookie from 0.5.0 to 0.6.0

Release notes

Sourced from cookie's releases.

0.6.0

  • Add partitioned option
Changelog

Sourced from cookie's changelog.

0.6.0 / 2023-11-06

  • Add partitioned option
Commits

Updates diff from 5.2.0 to 5.2.2

Changelog

Sourced from diff's changelog.

Release Notes

8.0.3

  • #631 - fix support for using an Intl.Segmenter with diffWords. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).
  • #635 - small tweaks to tokenization behaviour of diffWords when used without an Intl.Segmenter. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (× and ÷) are now treated as punctuation instead of as letters / word characters.
  • #641 - the format of file headers in createPatch etc. patches can now be customised somewhat. It now takes a headerOptions option that can be used to disable the file headers entirely, or omit the Index: line and/or the underline. In particular, this was motivated by a request to make jsdiff patches compatible with react-diff-view, which they now are if produced with headerOptions: FILE_HEADERS_ONLY.
  • #647 and #649 - fix denial-of-service vulnerabilities in parsePatch whereby adversarial input could cause a memory-leaking infinite loop, typically crashing the calling process. Also fixed ReDOS vulnerabilities whereby adversarially-crafted patch headers could take cubic time to parse. Now, parsePatch should reliably take linear time. (Handling of headers that include the line break characters \r, \u2028, or \u2029 in non-trailing positions is also now more reasonable as side effect of the fix.)

8.0.2

  • #616 Restored compatibility of diffSentences with old Safari versions. This was broken in 8.0.0 by the introduction of a regex with a lookbehind assertion; these weren't supported in Safari prior to version 16.4.
  • #612 Improved tree shakeability by marking the built CJS and ESM packages with sideEffects: false.

8.0.1

  • #610 Fixes types for diffJson which were broken by 8.0.0. The new bundled types in 8.0.0 only allowed diffJson to be passed string arguments, but it should've been possible to pass either strings or objects (and now is). Thanks to Josh Kelley for the fix.

8.0.0

  • #580 Multiple tweaks to diffSentences:
    • tokenization no longer takes quadratic time on pathological inputs (reported as a ReDOS vulnerability by Snyk); is now linear instead
    • the final sentence in the string is now handled the same by the tokenizer regardless of whether it has a trailing punctuation mark or not. (Previously, "foo. bar." tokenized to ["foo.", " ", "bar."] but "foo. bar" tokenized to ["foo.", " bar"] - i.e. whether the space between sentences was treated as a separate token depended upon whether the final sentence had trailing punctuation or not. This was arbitrary and surprising; it is no longer the case.)
    • in a string that starts with a sentence end, like "! hello.", the "!" is now treated as a separate sentence
    • the README now correctly documents the tokenization behaviour (it was wrong before)
  • #581 - fixed some regex operations used for tokenization in diffWords taking O(n^2) time in pathological cases
  • #595 - fixed a crash in patch creation functions when handling a single hunk consisting of a very large number (e.g. >130k) of lines. (This was caused by spreading indefinitely-large arrays to .push() using .apply or the spread operator and hitting the JS-implementation-specific limit on the maximum number of arguments to a function, as shown at https://stackoverflow.com/a/56809779/1709587; thus the exact threshold to hit the error will depend on the environment in which you were running JsDiff.)
  • #596 - removed the merge function. Previously JsDiff included an undocumented function called merge that was meant to, in some sense, merge patches. It had at least a couple of serious bugs that could lead to it returning unambiguously wrong results, and it was difficult to simply "fix" because it was unclear precisely what it was meant to do. For now, the fix is to remove it entirely.
  • #591 - JsDiff's source code has been rewritten in TypeScript. This change entails the following changes for end users:

    • the diff package on npm now includes its own TypeScript type definitions. Users who previously used the @types/diff npm package from DefinitelyTyped should remove that dependency when upgrading JsDiff to v8.

      Note that the transition from the DefinitelyTyped types to JsDiff's own type definitions includes multiple fixes and also removes many exported types previously used for options arguments to diffing and patch-generation functions. (There are now different exported options types for abortable calls - ones with a timeout or maxEditLength that may give a result of undefined - and non-abortable calls.) See the TypeScript section of the README for some usage tips.

    • The Diff object is now a class. Custom extensions of Diff, as described in the "Defining custom diffing behaviors" section of the README, can therefore now be done by writing a class CustomDiff extends Diff and overriding methods, instead of the old way based on prototype inheritance. (I think code that did things the old way should still work, though!)

    • diff/lib/index.es6.js and diff/lib/index.mjs no longer exist, and the ESM version of the library is no longer bundled into a single file.

    • The ignoreWhitespace option for diffWords is no longer included in the type declarations. The effect of passing ignoreWhitespace: true has always been to make diffWords just call diffWordsWithSpace instead, which was confusing, because that behaviour doesn't seem properly described as "ignoring" whitespace at all. The property remains available to non-TypeScript applications for the sake of backwards compatibility, but TypeScript applications will now see a type error if they try to pass ignoreWhitespace: true to diffWords and should change their code to call diffWordsWithSpace instead.

    • JsDiff no longer purports to support ES3 environments. (I'm pretty sure it never truly did, despite claiming to in its README, since even the 1.0.0 release used Array.map which was added in ES5.)

  • #601 - diffJson's stringifyReplacer option behaves more like JSON.stringify's replacer argument now. In particular:
    • Each key/value pair now gets passed through the replacer once instead of twice
    • The key passed to the replacer when the top-level object is passed in as value is now "" (previously, was undefined), and the key passed with an array element is the array index as a string, like "0" or "1" (previously was whatever the key for the entire array was). Both the new behaviours match that of JSON.stringify.
  • #602 - diffing functions now consistently return undefined when called in async mode (i.e. with a callback). Previously, there was an odd quirk where they would return true if the strings being diffed were equal and undefined otherwise.

7.0.0

Just a single (breaking) bugfix, undoing a behaviour change introduced accidentally in 6.0.0:

  • #554 diffWords treats numbers and underscores as word characters again. This behaviour was broken in v6.0.0.

... (truncated)

Commits

Updates js-yaml from 3.14.1 to 3.14.2

Changelog

Sourced from js-yaml's changelog.

[3.14.2] - 2025-11-15

Security

  • Backported v4.1.1 fix to v3

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.

[4.1.0] - 2021-04-15

Added

  • Types are now exported as yaml.types.XXX.
  • Every type now has options property with original arguments kept as they were (see yaml.types.int.options as an example).

Changed

  • Schema.extend() now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).

[4.0.0] - 2021-01-03

Changed

  • Check migration guide to see details for all breaking changes.
  • Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are moved to js-yaml-js-types package.
  • Breaking: removed safe* functions. Use load, loadAll, dump instead which are all now safe by default.
  • yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use yaml.DEFAULT_SCHEMA instead.
  • yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.
  • !!binary now always mapped to Uint8Array on load.
  • Reduced nesting of /lib folder.
  • Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal, 0o1234 is octal, 1:23 is parsed as string instead of base60).
  • dump() no longer quotes :, [, ], (, ) except when necessary, #470, #557.
  • Line and column in exceptions are now formatted as (X:Y) instead of at line X, column Y (also present in compact format), #332.
  • Code snippet created in exceptions now contains multiple lines with line numbers.
  • dump() now serializes undefined as null in collections and removes keys with undefined in mappings, #571.
  • dump() with skipInvalid=true now serializes invalid items in collections as null.
  • Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #576.
  • Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #258.

Added

  • Added .mjs (es modules) support.
  • Added quotingType and forceQuotes options for dumper to configure string literal style, #290, #529.
  • Added styles: { '!!null': 'empty' } option for dumper (serializes { foo: null } as "foo: "), #570.

... (truncated)

Commits

Updates lodash from 4.17.21 to 4.17.23

Commits

Updates qs from 6.12.1 to 6.13.0

Changelog

Sourced from qs's changelog.

6.13.0

  • [New] parse: add strictDepth option (#511)
  • [Tests] use npm audit instead of aud

6.12.3

  • [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
  • [meta] fix changelog indentation

6.12.2

  • [Fix] parse: parse encoded square brackets (#506)
  • [readme] add CII best practices badge
Commits
  • 5cf516c v6.13.0
  • 8d56df2 [New] parse: add strictDepth option
  • c9a6694 [Tests] use npm audit instead of aud
  • f90cc35 v6.12.3
  • 1bf9f7a [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
  • 7ebf48b [meta] fix changelog indentation
  • d0dff11 v6.12.2
  • f0b8d03 [Dev Deps] update @ljharb/eslint-config, object-inspect, tape
  • 81835ff [Fix]: parse: parse encoded square brackets
  • db47dcc [readme] add CII best practices badge
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 8 up…
96faf45 
…dates

Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [next](https://github.com/vercel/next.js) | `14.2.32` | `14.2.35` |
| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `8.1.6` | `8.6.15` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `3.79.0` | `3.114.17` |
| [diff](https://github.com/kpdecker/jsdiff) | `5.2.0` | `5.2.2` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [qs](https://github.com/ljharb/qs) | `6.12.1` | `6.13.0` |



Updates `next` from 14.2.32 to 14.2.35
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.32...v14.2.35)

Updates `storybook` from 8.1.6 to 8.6.15
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v8.6.15/code/core)

Updates `wrangler` from 3.79.0 to 3.114.17
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/wrangler@3.114.17/packages/wrangler/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@3.114.17/packages/wrangler)

Updates `cookie` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md)
- [Commits](jshttp/cookie@v0.5.0...v0.6.0)

Updates `diff` from 5.2.0 to 5.2.2
- [Changelog](https://github.com/kpdecker/jsdiff/blob/master/release-notes.md)
- [Commits](kpdecker/jsdiff@v5.2.0...v5.2.2)

Updates `js-yaml` from 3.14.1 to 3.14.2
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.1...3.14.2)

Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

Updates `qs` from 6.12.1 to 6.13.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.12.1...v6.13.0)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 14.2.35
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: storybook
  dependency-version: 8.6.15
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: wrangler
  dependency-version: 3.114.17
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.6.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: diff
  dependency-version: 5.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.13.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 23, 2026
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Jan 23, 2026
edited
Loading

Deploying animata with  Cloudflare Pages  Cloudflare Pages

Latest commit: 96faf45
Status: ✅  Deploy successful!
Preview URL: https://201d6e08.animata.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-npm-qv0n.animata.pages.dev

View logs

@coderabbitai
Copy link

coderabbitai bot commented Jan 23, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant