Skip to content

chore(deps): Bump immutable from 4.3.7 to 4.3.8#12436

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/immutable-4.3.8
Open

chore(deps): Bump immutable from 4.3.7 to 4.3.8#12436
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/immutable-4.3.8

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2026
edited
Loading

Bumps immutable from 4.3.7 to 4.3.8.

Release notes

Sourced from immutable's releases.

v4.3.8

Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable

Changelog

Sourced from immutable's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning. Dates are formatted as YYYY-MM-DD.

Unreleased

5.1.5

  • Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable

5.1.4

Documentation

Internal

5.1.3

TypeScript

Documentation

There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples. We added a page about browser extensions too: https://immutable-js.com/browser-extension/

Internal

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code patch labels Mar 4, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 4, 2026 23:04
@dependabot dependabot bot requested review from bruno-amorim and marcelojcs and removed request for a team March 4, 2026 23:04
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 4, 2026
@dependabot dependabot bot added patch javascript Pull requests that update Javascript code labels Mar 4, 2026
@netlify
Copy link

netlify bot commented Mar 4, 2026
edited
Loading

Deploy Preview for incomparable-wisp-8d6771 ready!

Name Link
🔨 Latest commit 51a4029
🔍 Latest deploy log https://app.netlify.com/projects/incomparable-wisp-8d6771/deploys/69a93a53f1bd8400082288aa
😎 Deploy Preview https://deploy-preview-12436--incomparable-wisp-8d6771.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Mar 4, 2026
edited
Loading

Deploy Preview for ibm-dotcom-web-components ready!

Name Link
🔨 Latest commit 51a4029
🔍 Latest deploy log https://app.netlify.com/projects/ibm-dotcom-web-components/deploys/69a93a53c9fa7e000811059d
😎 Deploy Preview https://deploy-preview-12436--ibm-dotcom-web-components.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@Valentin-Sorin-Nicolae
Copy link
Contributor

Valentin-Sorin-Nicolae commented Mar 5, 2026

@dependabot rebase

@dependabot
chore(deps): Bump immutable from 4.3.7 to 4.3.8
51a4029 
Bumps [immutable](https://github.com/immutable-js/immutable-js) from 4.3.7 to 4.3.8.
- [Release notes](https://github.com/immutable-js/immutable-js/releases)
- [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md)
- [Commits](immutable-js/immutable-js@v4.3.7...v4.3.8)

---
updated-dependencies:
- dependency-name: immutable
  dependency-version: 4.3.8
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/immutable-4.3.8 branch from 44c83a2 to 51a4029 Compare March 5, 2026 08:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bruno-amorim bruno-amorim Awaiting requested review from bruno-amorim bruno-amorim is a code owner automatically assigned from carbon-design-system/carbon-for-ibm-com-members

@marcelojcs marcelojcs Awaiting requested review from marcelojcs marcelojcs is a code owner automatically assigned from carbon-design-system/carbon-for-ibm-com-members

@Valentin-Sorin-Nicolae Valentin-Sorin-Nicolae Awaiting requested review from Valentin-Sorin-Nicolae Valentin-Sorin-Nicolae is a code owner automatically assigned from carbon-design-system/carbon-for-ibm-com-members

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Valentin-Sorin-Nicolae