Skip to content

build(deps-dev): bump flatted from 3.3.3 to 3.4.2#425

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/flatted-3.4.2
Open

build(deps-dev): bump flatted from 3.3.3 to 3.4.2#425
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/flatted-3.4.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 21, 2026
edited
Loading

Bumps flatted from 3.3.3 to 3.4.2.

Commits
  • 3bf0909 3.4.2
  • 885ddcc fix CWE-1321
  • 0bdba70 added flatted-view to the benchmark
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 21, 2026
@dependabot dependabot Bot changed the title chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 build(deps-dev): bump flatted from 3.3.3 to 3.4.2 Apr 8, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/flatted-3.4.2 branch from fb26e76 to fd6d719 Compare April 8, 2026 12:48
@ManiruzzamanAkash ManiruzzamanAkash force-pushed the dependabot/npm_and_yarn/flatted-3.4.2 branch from fd6d719 to 37dd90a Compare May 14, 2026 03:53
github-actions[bot]
github-actions Bot reviewed May 14, 2026
View reviewed changes
Comment thread package-lock.json
@@ -7257,104 +7257,6 @@
"@types/estree": "^1.0.0"
}
Copy link
Copy Markdown

@github-actions github-actions Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What: Removal of numerous dependencies without context may lead to breaking changes.

Why: Removing dependencies from the package lock without proper review or testing can introduce issues in builds where these dependencies are required, resulting in potential runtime errors or broken functionality.

How: Ensure all removed dependencies are actually unnecessary. Review any related tests or functionality to confirm they are not affected. If possible, ensure that the project is thoroughly tested after making such significant changes to the dependency tree.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants