Skip to content

chore(deps): bump the npm_and_yarn group across 5 directories with 6 updates#16011

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-ac4523db17
Open

chore(deps): bump the npm_and_yarn group across 5 directories with 6 updates#16011
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-ac4523db17

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps the npm_and_yarn group with 4 updates in the / directory: @angular/core, flatted, handlebars and yauzl.
Bumps the npm_and_yarn group with 1 update in the /e2e/coverage-handlebars directory: handlebars.
Bumps the npm_and_yarn group with 1 update in the /e2e/global-setup directory: picomatch.
Bumps the npm_and_yarn group with 1 update in the /e2e/global-teardown directory: picomatch.
Bumps the npm_and_yarn group with 2 updates in the /e2e/native-esm directory: picomatch and tar.

Updates @angular/core from 21.2.1 to 21.2.4

Release notes

Sourced from @​angular/core's releases.

21.2.4

compiler

Commit Description
fix - ed2d324f9c disallow translations of iframe src

core

Commit Description
fix - abbd8797bb reverts "feat(core): add support for nested animations"
fix - d1dcd16c5b sanitize translated form attributes

VSCode Extension: 21.2.3

This release contains internal refactorings only.

21.2.3

core

Commit Description
fix - 62a97f7e4b ensure definitions compile
fix - 21b1c3b2ee include signal debug names in their toString() representation
fix - 224e60ecb1 sanitize translated attribute bindings with interpolations

VSCode Extension: 21.2.2

  • fix(extension): bundle TypeScript 5.9 internally (da57d1af73)

21.2.2

compiler

Commit Description
fix - 1df1697c6e prevent mutation of children array in RecursiveVisitor

compiler-cli

Commit Description
fix - c822bf8e76 always parenthesize object literals in TCB
fix - 05d022d5e6 ignore generated ngDevMode signal branch for code coverage

forms

Commit Description
feat - 670d1660c4 add 'blur' option to debounce rule
Changelog

Sourced from @​angular/core's changelog.

21.2.4 (2026-03-12)

compiler

Commit Type Description
ed2d324f9c fix disallow translations of iframe src

core

Commit Type Description
abbd8797bb fix reverts "feat(core): add support for nested animations"
d1dcd16c5b fix sanitize translated form attributes

22.0.0-next.2 (2026-03-11)

Breaking Changes

core

  • createNgModuleRef was removed, use createNgModule instead

core

Commit Type Description
b918beda32 feat allow debouncing signals
f9ede9ec98 fix ensure definitions compile
b401c18674 fix include signal debug names in their toString() representation
8630319f74 fix sanitize translated attribute bindings with interpolations
36936872c9 refactor remove createNgModuleRef

forms

Commit Type Description
3e7ce0dafc fix restrict SignalFormsConfig to a readonly API

language-service

Commit Type Description
5a6d88626b feat add angular template inlay hints support

21.2.3 (2026-03-11)

core

Commit Type Description
62a97f7e4b fix ensure definitions compile
21b1c3b2ee fix include signal debug names in their toString() representation
224e60ecb1 fix sanitize translated attribute bindings with interpolations

21.2.2 (2026-03-09)

... (truncated)

Commits
  • d1dcd16 fix(core): sanitize translated form attributes
  • abbd879 fix(core): reverts "feat(core): add support for nested animations"
  • 7907e98 test: remove duplicate tests
  • 21b1c3b fix(core): include signal debug names in their toString() representation
  • 6c73aac refactor(common): Removes unused generic type parameters from KeyValueDiffers
  • c98eab7 refactor(core): remove old resource params
  • 7513558 docs: combine multiple documentation improvements into one PR
  • 575f302 refactor(core): interface cleanup
  • 224e60e fix(core): sanitize translated attribute bindings with interpolations
  • 09638ec docs(core): clarify provideZoneChangeDetection usage in v21+
  • Additional commits viewable in compare view

Updates flatted from 3.3.3 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

Updates handlebars from 4.7.8 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view

Updates yauzl from 3.2.0 to 3.2.1

Commits

Updates handlebars from 4.7.8 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view

Updates picomatch from 2.3.1 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

Updates picomatch from 2.3.1 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

Updates picomatch from 4.0.2 to 4.0.4

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

Updates tar from 7.5.10 to 7.5.13

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the npm_and_yarn group across 5 directories with 6 …
977ec03 
…updates

Bumps the npm_and_yarn group with 4 updates in the / directory: [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core), [flatted](https://github.com/WebReflection/flatted), [handlebars](https://github.com/handlebars-lang/handlebars.js) and [yauzl](https://github.com/thejoshwolfe/yauzl).
Bumps the npm_and_yarn group with 1 update in the /e2e/coverage-handlebars directory: [handlebars](https://github.com/handlebars-lang/handlebars.js).
Bumps the npm_and_yarn group with 1 update in the /e2e/global-setup directory: [picomatch](https://github.com/micromatch/picomatch).
Bumps the npm_and_yarn group with 1 update in the /e2e/global-teardown directory: [picomatch](https://github.com/micromatch/picomatch).
Bumps the npm_and_yarn group with 2 updates in the /e2e/native-esm directory: [picomatch](https://github.com/micromatch/picomatch) and [tar](https://github.com/isaacs/node-tar).


Updates `@angular/core` from 21.2.1 to 21.2.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.2.4/packages/core)

Updates `flatted` from 3.3.3 to 3.4.2
- [Commits](WebReflection/flatted@v3.3.3...v3.4.2)

Updates `handlebars` from 4.7.8 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.8...v4.7.9)

Updates `yauzl` from 3.2.0 to 3.2.1
- [Commits](thejoshwolfe/yauzl@3.2.0...3.2.1)

Updates `handlebars` from 4.7.8 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.8...v4.7.9)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `picomatch` from 4.0.2 to 4.0.4
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `tar` from 7.5.10 to 7.5.13
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.10...v7.5.13)

---
updated-dependencies:
- dependency-name: "@angular/core"
  dependency-version: 21.2.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: yauzl
  dependency-version: 3.2.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar
  dependency-version: 7.5.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 26, 2026
@dependabot dependabot bot mentioned this pull request Mar 26, 2026
Closed
@netlify
Copy link
Copy Markdown

netlify bot commented Mar 26, 2026
edited
Loading

Deploy Preview for jestjs ready!

Name Link
🔨 Latest commit 977ec03
🔍 Latest deploy log https://app.netlify.com/projects/jestjs/deploys/69c5bbbf37a5e80008625f35
😎 Deploy Preview https://deploy-preview-16011--jestjs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new bot commented Mar 26, 2026
edited
Loading

Open in StackBlitz

babel-jest

npm i https://pkg.pr.new/babel-jest@16011

babel-plugin-jest-hoist

npm i https://pkg.pr.new/babel-plugin-jest-hoist@16011

babel-preset-jest

npm i https://pkg.pr.new/babel-preset-jest@16011

create-jest

npm i https://pkg.pr.new/create-jest@16011

@jest/diff-sequences

npm i https://pkg.pr.new/@jest/diff-sequences@16011

expect

npm i https://pkg.pr.new/expect@16011

@jest/expect-utils

npm i https://pkg.pr.new/@jest/expect-utils@16011

jest

npm i https://pkg.pr.new/jest@16011

jest-changed-files

npm i https://pkg.pr.new/jest-changed-files@16011

jest-circus

npm i https://pkg.pr.new/jest-circus@16011

jest-cli

npm i https://pkg.pr.new/jest-cli@16011

jest-config

npm i https://pkg.pr.new/jest-config@16011

@jest/console

npm i https://pkg.pr.new/@jest/console@16011

@jest/core

npm i https://pkg.pr.new/@jest/core@16011

@jest/create-cache-key-function

npm i https://pkg.pr.new/@jest/create-cache-key-function@16011

jest-diff

npm i https://pkg.pr.new/jest-diff@16011

jest-docblock

npm i https://pkg.pr.new/jest-docblock@16011

jest-each

npm i https://pkg.pr.new/jest-each@16011

@jest/environment

npm i https://pkg.pr.new/@jest/environment@16011

jest-environment-jsdom

npm i https://pkg.pr.new/jest-environment-jsdom@16011

@jest/environment-jsdom-abstract

npm i https://pkg.pr.new/@jest/environment-jsdom-abstract@16011

jest-environment-node

npm i https://pkg.pr.new/jest-environment-node@16011

@jest/expect

npm i https://pkg.pr.new/@jest/expect@16011

@jest/fake-timers

npm i https://pkg.pr.new/@jest/fake-timers@16011

@jest/get-type

npm i https://pkg.pr.new/@jest/get-type@16011

@jest/globals

npm i https://pkg.pr.new/@jest/globals@16011

jest-haste-map

npm i https://pkg.pr.new/jest-haste-map@16011

jest-jasmine2

npm i https://pkg.pr.new/jest-jasmine2@16011

jest-leak-detector

npm i https://pkg.pr.new/jest-leak-detector@16011

jest-matcher-utils

npm i https://pkg.pr.new/jest-matcher-utils@16011

jest-message-util

npm i https://pkg.pr.new/jest-message-util@16011

jest-mock

npm i https://pkg.pr.new/jest-mock@16011

@jest/pattern

npm i https://pkg.pr.new/@jest/pattern@16011

jest-phabricator

npm i https://pkg.pr.new/jest-phabricator@16011

jest-regex-util

npm i https://pkg.pr.new/jest-regex-util@16011

@jest/reporters

npm i https://pkg.pr.new/@jest/reporters@16011

jest-resolve

npm i https://pkg.pr.new/jest-resolve@16011

jest-resolve-dependencies

npm i https://pkg.pr.new/jest-resolve-dependencies@16011

jest-runner

npm i https://pkg.pr.new/jest-runner@16011

jest-runtime

npm i https://pkg.pr.new/jest-runtime@16011

@jest/schemas

npm i https://pkg.pr.new/@jest/schemas@16011

jest-snapshot

npm i https://pkg.pr.new/jest-snapshot@16011

@jest/snapshot-utils

npm i https://pkg.pr.new/@jest/snapshot-utils@16011

@jest/source-map

npm i https://pkg.pr.new/@jest/source-map@16011

@jest/test-result

npm i https://pkg.pr.new/@jest/test-result@16011

@jest/test-sequencer

npm i https://pkg.pr.new/@jest/test-sequencer@16011

@jest/transform

npm i https://pkg.pr.new/@jest/transform@16011

@jest/types

npm i https://pkg.pr.new/@jest/types@16011

jest-util

npm i https://pkg.pr.new/jest-util@16011

jest-validate

npm i https://pkg.pr.new/jest-validate@16011

jest-watcher

npm i https://pkg.pr.new/jest-watcher@16011

jest-worker

npm i https://pkg.pr.new/jest-worker@16011

pretty-format

npm i https://pkg.pr.new/pretty-format@16011

commit: 977ec03

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants