Skip to content

chore(deps-dev): bump the npm_and_yarn group across 1 directory with 2 updates#1386

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-77d675c14a
Open

chore(deps-dev): bump the npm_and_yarn group across 1 directory with 2 updates#1386
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-77d675c14a

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 27, 2026
edited
Loading

Bumps the npm_and_yarn group with 2 updates in the / directory: fastify and flatted.

Updates fastify from 5.7.2 to 5.8.3

Release notes

Sourced from fastify's releases.

v5.8.3

⚠️ Security Release

This fixes CVE CVE-2026-3635 GHSA-444r-cwp2-x5xf.

What's Changed

New Contributors

Full Changelog: fastify/fastify@v5.8.2...v5.8.3

v5.8.2

What's Changed

New Contributors

... (truncated)

Commits
  • a3e77ce Bumped v5.8.3
  • 4e1db5b fix: gate host and protocol getters on proxy trust function
  • a22217f ci(lock-threads): use shared lock-threads workflow (#6592)
  • 1851f20 docs: update links (#6593)
  • 9cc5187 types: Allow port to be null in request type definition (#6589)
  • 722d83b docs: replace redirected npm.im http-errors link (#6588)
  • a1413de docs: fix incorrect code examples in Reply and Request reference (#6582)
  • d7f01b6 docs: clarify content-type parser/schema mismatch is outside threat model (#6...
  • a0649e9 docs: update syntax markdown, absolute paths and links (#6569)
  • d477915 ci(link-checker): fix root-relative links resolution (#6535)
  • Additional commits viewable in compare view

Updates flatted from 3.3.2 to 3.4.2

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 27, 2026
@dependabot
chore(deps-dev): bump the npm_and_yarn group across 1 directory with …
3698510 
…2 updates

Bumps the npm_and_yarn group with 2 updates in the / directory: [fastify](https://github.com/fastify/fastify) and [flatted](https://github.com/WebReflection/flatted).


Updates `fastify` from 5.7.2 to 5.8.3
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v5.7.2...v5.8.3)

Updates `flatted` from 3.3.2 to 3.4.2
- [Commits](WebReflection/flatted@v3.3.2...v3.4.2)

---
updated-dependencies:
- dependency-name: fastify
  dependency-version: 5.8.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-77d675c14a branch from 4f0b7df to 3698510 Compare April 1, 2026 05:47
@Tony133 Tony133 mentioned this pull request Apr 7, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants