Skip to content

build(deps): bump the npm-all group across 1 directory with 4 updates#19

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/services/core/packages/webclient/npm-all-08929623de
Open

build(deps): bump the npm-all group across 1 directory with 4 updates#19
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/services/core/packages/webclient/npm-all-08929623de

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 5, 2026
edited
Loading

Bumps the npm-all group with 4 updates in the /services/core/packages/webclient directory: dompurify, vuetify, @types/node and @vue/tsconfig.

Updates dompurify from 3.3.1 to 3.3.2

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.2

  • Fixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters
  • Fixed a prototype pollution issue when working with custom elements, thanks @​christos-eth
  • Fixed a lenient config parsing in _isValidAttribute, thanks @​christos-eth
  • Bumped and removed several dependencies, thanks @​Rotzbua
  • Fixed the test suite after bumping dependencies, thanks @​Rotzbua
Commits

Updates vuetify from 3.12.1 to 4.0.1

Release notes

Sourced from vuetify's releases.

v4.0.1

🚀 Features

🔧 Bug Fixes

  • theme: put theme stylesheet in body when loaded with unhead (2475a28)
  • VBadge: correct props.dotSize fallback (a71f396), closes #22658
  • VColorPicker: align sliders with controls (0d1ce90)
  • VDataTable: improvements for sorting in mobile mode (54affe1), closes #22288 #22426
  • VDataTable: keep fixed cells opaque when loading (ddca6ca), closes #21557
  • VGrid: correct mapping for grid gap x/y (65b4278)
  • VOtpInput: handle deletion via onBeforeinput for mobile compatibility (#22657) (2f8a4f9), closes #22628
  • VPagination: suppress browser spacing (a6b7b93)
  • VSelect: fix screenreader navigation to select options (#22602) (6c962b7), closes #22226
  • VSlideGroup: don't read dom attributes in computed() (a51b313), closes #22644
  • VSlider: reduce affix margins (18af2d2)
  • VSnackbar: opaque background for transparent variants (#22646) (e83fa88), closes #18871
  • VTimeline: keep dot border when using numeric dot size (6764c95), closes #22499

🧪 Labs

  • VFileUpload: hide-browse should hide divider as well (84f70ef)
  • VFileUpload: expose controlRef for internal <input /> (36d3d3c)
  • VFileUpload: append instead of replacing files when multiple (c93d2b7)
  • VFileUpload: integrate VInput & split internal logic (#22637) (027ab86)

v4.0.0

Welcome to the v4.0.0 release of Vuetify!

Supporting Vuetify

Vuetify is an open source MIT project that has been made possible due to the generous contributions by sponsors and backers. If your business depend on Vuetify, please consider joining sponsors and backers on various platforms to help support ongoing development and new features.

🚀 Features

... (truncated)

Commits
  • dd747e5 chore(release): publish v4.0.1
  • 84f70ef fix(VFileUpload): hide-browse should hide divider as well
  • 36d3d3c feat(VFileUpload): expose controlRef for internal \<input />
  • c93d2b7 fix(VFileUpload): append instead of replacing files when multiple
  • 2f8a4f9 fix(VOtpInput): handle deletion via onBeforeinput for mobile compatibility (#...
  • 027ab86 feat(VFileUpload): integrate VInput & split internal logic (#22637)
  • ef1efd4 docs(VTimeline): more precise type for justify in API docs
  • 18af2d2 fix(VSlider): reduce affix margins
  • 0d1ce90 fix(VColorPicker): align sliders with controls
  • 6764c95 fix(VTimeline): keep dot border when using numeric dot size
  • Additional commits viewable in compare view

Updates @types/node from 25.3.0 to 25.3.3

Commits

Updates @vue/tsconfig from 0.8.1 to 0.9.0

Release notes

Sourced from @​vue/tsconfig's releases.

v0.9.0

Noticeable Changes

  • feat: update lib to ES2022 by @​Slessi in vuejs/tsconfig#41
  • chore: move noUncheckedIndexedAccess from base config to the lib config [fa4423b]
    • This is because noUncheckedIndexedAccess may have false positives, making it hard for existing codebases to upgrade.
    • But for new codebases, it’s still recommended to enable this flag from the beginning.

New Contributors

Full Changelog: vuejs/tsconfig@v0.8.1...v0.9.0

Commits
  • 3569685 0.9.0
  • fa4423b chore: move noUncheckedIndexedAccess from base config to the lib config
  • 051d720 docs: update TypeScript version requirement
  • 3db886a feat: update lib to ES2022 (#41)
  • df9d3d4 docs: note the default value of types in TS 6+ has been changed to []
  • 0e39087 docs: note that strict mode is on by default in TS 6
  • ae3b1dc chore: make GitHub render tsconfig.*.json as JSONC
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 5, 2026
@dependabot
build(deps): bump the npm-all group across 1 directory with 4 updates
f4cb485 
Bumps the npm-all group with 4 updates in the /services/core/packages/webclient directory: [dompurify](https://github.com/cure53/DOMPurify), [vuetify](https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [@vue/tsconfig](https://github.com/vuejs/tsconfig).


Updates `dompurify` from 3.3.1 to 3.3.2
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.1...3.3.2)

Updates `vuetify` from 3.12.1 to 4.0.1
- [Release notes](https://github.com/vuetifyjs/vuetify/releases)
- [Commits](https://github.com/vuetifyjs/vuetify/commits/v4.0.1/packages/vuetify)

Updates `@types/node` from 25.3.0 to 25.3.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vue/tsconfig` from 0.8.1 to 0.9.0
- [Release notes](https://github.com/vuejs/tsconfig/releases)
- [Commits](vuejs/tsconfig@v0.8.1...v0.9.0)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: vuetify
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: "@types/node"
  dependency-version: 25.3.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: "@vue/tsconfig"
  dependency-version: 0.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/services/core/packages/webclient/npm-all-08929623de branch from f0c9340 to f4cb485 Compare March 6, 2026 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants