Skip to content

build(deps): bump handlebars and picomatch via pnpm update#479

Merged
lwshang merged 1 commit intomainfrom
lwshang/pnpm_update
Apr 7, 2026
Merged

build(deps): bump handlebars and picomatch via pnpm update#479
lwshang merged 1 commit intomainfrom
lwshang/pnpm_update

Conversation

@lwshang
Copy link
Copy Markdown
Contributor

@lwshang lwshang commented Apr 7, 2026
edited
Loading

Summary

  • Ran pnpm update to resolve two open Dependabot security alerts
    • handlebars bumped to 4.7.9
    • picomatch bumped to 4.0.4

Test plan

  • CI passes

🤖 Generated with Claude Code

@lwshang @claude
build(deps): bump handlebars and picomatch via pnpm update
8657770 
Resolves security vulnerabilities:
- handlebars bumped to 4.7.9 (fixes prototype pollution)
- picomatch bumped to 4.0.4 (fixes method injection in POSIX character classes)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@lwshang lwshang marked this pull request as ready for review April 7, 2026 14:39
@lwshang lwshang requested a review from a team as a code owner April 7, 2026 14:39
@lwshang lwshang enabled auto-merge (squash) April 7, 2026 14:40
@lwshang lwshang merged commit fb97c99 into main Apr 7, 2026
10 checks passed
@lwshang lwshang deleted the lwshang/pnpm_update branch April 7, 2026 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@raymondk raymondk raymondk approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lwshang @raymondk