Bump the npm_and_yarn group across 1 directory with 7 updates#7
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 7 updates#7dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `5.1.2` | `20.3.25` | | [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `5.1.2` | `20.3.25` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `5.1.2` | `20.3.25` | | [jsrsasign](https://github.com/kjur/jsrsasign) | `8.0.4` | `11.1.1` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.11` | `4.7.9` | | [jws](https://github.com/brianloveswords/node-jws) | `3.1.4` | `3.2.3` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.9.0` | Updates `@angular/common` from 5.1.2 to 20.3.25 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v20.3.25/packages/common) Updates `@angular/compiler` from 5.1.2 to 20.3.25 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v20.3.25/packages/compiler) Updates `@angular/core` from 5.1.2 to 20.3.25 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v20.3.25/packages/core) Updates `jsrsasign` from 8.0.4 to 11.1.1 - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](kjur/jsrsasign@8.0.4...11.1.1) Updates `handlebars` from 4.0.11 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.11...v4.7.9) Updates `jws` from 3.1.4 to 3.2.3 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.1.4...v3.2.3) Updates `shell-quote` from 1.6.1 to 1.9.0 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.6.1...v1.9.0) --- updated-dependencies: - dependency-name: "@angular/common" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@angular/compiler" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@angular/core" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: jsrsasign dependency-version: 11.1.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 3.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-version: 1.9.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This was referenced Jul 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 7 updates in the / directory:
5.1.220.3.255.1.220.3.255.1.220.3.258.0.411.1.14.0.114.7.93.1.43.2.31.6.11.9.0Updates
@angular/commonfrom 5.1.2 to 20.3.25Release notes
Sourced from @angular/common's releases.
... (truncated)
Changelog
Sourced from @angular/common's changelog.
... (truncated)
Commits
06be298fix(http): preserve empty referrer option in HttpRequest9f443bcfix(common): Limits date format string lengthfa940e1fix(http): Rejects non-HTTP(S) URLs in JSONP requests1a62130fix(common): use cryptographically secure SHA-256 for transfer cache key gene...566ad05fix(common): skip transfer cache for uncacheable HTTP traffice2ef1cefix(http): skip transfer cache for fetch credentialed requests3d135cefix(common): add upper bounds for digitsInfo39a4b4cfix(common): sanitize placeholderde7b2a6fix(http): exclude withCredentials requests from transfer cache4233188fix(http): skip TransferCache for cookie-bearing requests by defaultMaintainer changes
This version was pushed to npm by google-wombot, a new releaser for
@angular/commonsince your current version.Updates
@angular/compilerfrom 5.1.2 to 20.3.25Release notes
Sourced from @angular/compiler's releases.
... (truncated)
Changelog
Sourced from @angular/compiler's changelog.
... (truncated)
Commits
a68ec70fix(compiler): sanitize two-way propertiesd40acc6fix(compiler): prevent namespaced SVG <style> elements from being stripped7ae6381test(compiler-cli): align ngtsc sanitization expectations with modern DOM sch...36200bdtest(core): update spec files to match 20.3.x limits and actual contexts (#68...823b37ftest(compiler): remove obsolete schema_extractor import (#68926)e345a58fix(core): normalize tag names in runtime i18n attribute security context loo...8f35b18fix(compiler): normalize tag names with custom namespaces in DomElementSchema...64a89e9fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...6404edffix(compiler): strip namespaced SVG script elements during template compilati...dc631effix(core): support prefix-insensitive DOM schema lookups and compile-time i18...Maintainer changes
This version was pushed to npm by google-wombot, a new releaser for
@angular/compilersince your current version.Updates
@angular/corefrom 5.1.2 to 20.3.25Release notes
Sourced from @angular/core's releases.
... (truncated)
Changelog
Sourced from @angular/core's changelog.
... (truncated)
Commits
ca48b47fix(core): validate lowercase SVG animation attribute names (#69270)1a62130fix(common): use cryptographically secure SHA-256 for transfer cache key gene...49368c1fix(platform-server): harden platform location origin validation during SSR566ad05fix(common): skip transfer cache for uncacheable HTTP traffic768a349fix(core): harden TransferState restoration against DOM clobbering7ae6381test(compiler-cli): align ngtsc sanitization expectations with modern DOM sch...6595409test(core): update golden symbols and host bindings sanitization spec (#68926)d86e4e7fix(core): reject script element as a dynamic component host (#68926)b8f1f72test(core): remove obsolete blockquote cite host binding tests (#68926)36200bdtest(core): update spec files to match 20.3.x limits and actual contexts (#68...Maintainer changes
This version was pushed to npm by google-wombot, a new releaser for
@angular/coresince your current version.Updates
jsrsasignfrom 8.0.4 to 11.1.1Release notes
Sourced from jsrsasign's releases.
... (truncated)
Changelog
Sourced from jsrsasign's changelog.
... (truncated)
Commits
e2b136e11.1.1 releasee2e417eMerge pull request #641 from njg7194/add-security-policy77f1776Merge pull request #651 from Kr0emer/fix/bug-007-isprobableprime-negative5ea1c32Merge pull request #650 from Kr0emer/fix/bug-006-modpow-negative-exponentee4b013Merge pull request #647 from Kr0emer/fix/bug-003-dsa-nonce-compareto37b4c06Merge pull request #646 from Kr0emer/fix/bug-002-dsa-domain-params-validationd89f0ecfix(crypto): correct compareTo checks in BigInteger RNG helpers02fa75dfix(jsbn2): reject non-positive values in primality checksf508dddMerge branch 'master' into fix/bug-002-dsa-domain-params-validationca5b027Merge pull request #648 from Kr0emer/fix/bug-004-modinverse-dosUpdates
handlebarsfrom 4.0.11 to 4.7.9Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
dce542cv4.7.98a41389Update release notes68d8df5Fix security issuesb2a0831Fix browser tests9f98c16Fix release script45443b4Revert "Improve partial indenting performance"8841a5fFix CI errors with lintinge0137c2fix: enable shell mode for spawn to resolve Windows EINVAL issuee914d60Improve rendering performance7de4b41Upgrade GitHub Actions checkout and setup-node on 4.x branchMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
jwsfrom 3.1.4 to 3.2.3Release notes
Sourced from jws's releases.
Changelog
Sourced from jws's changelog.
Commits
4f6e73fMerge commit from forkbd0fea5version 3.2.37c3b4b4Enhance tests for HMAC streaming sign and verifya9b8ed9Improve secretOrKey initialization in VerifyStream6707fdeImprove secret handling in SignStream7d4a071v3.2.210b7229deps: jwa@^1.4.137e67a8v3.2.1fc398d8update jws.ALGORITHMS5cdc5cev3.2.0Maintainer changes
This version was pushed to npm by julien.wollscheid, a new releaser for jws since your current version.
Updates
shell-quotefrom 1.6.1 to 1.9.0Changelog
Sourced from shell-quote's changelog.