Skip to content

chore: bump the npm-low-risk group across 1 directory with 9 updates#248

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-low-risk-f1585db67f
Open

chore: bump the npm-low-risk group across 1 directory with 9 updates#248
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-low-risk-f1585db67f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-low-risk group with 9 updates in the / directory:

Package From To
@axe-core/webdriverjs 4.10.2 4.12.1
core-js 3.45.1 3.49.0
emoji-regex 10.5.0 10.6.0
grunt 1.6.1 1.6.2
jsdoc 4.0.4 4.0.5
mocha 11.7.2 11.7.6
prettier 3.6.2 3.9.5
selenium-webdriver 4.35.0 4.45.0
serve-handler 6.1.6 6.1.7

Updates @axe-core/webdriverjs from 4.10.2 to 4.12.1

Release notes

Sourced from @​axe-core/webdriverjs's releases.

v4.11.3

What's Changed

New Contributors

Full Changelog: dequelabs/axe-core-npm@v4.11.2...v4.11.3

Release 4.11.2

Bug Fixes

Release 4.11.1

Bug Fixes

Release 4.11.0

Bug Fixes

Features

Changelog

Sourced from @​axe-core/webdriverjs's changelog.

4.12.1 (2026-06-22)

Features

4.11.3 (2026-04-29)

Bug Fixes

4.11.2 (2026-04-14)

Bug Fixes

4.11.1 (2026-01-09)

Bug Fixes

4.11.0 (2025-10-14)

Bug Fixes

Features

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​axe-core/webdriverjs since your current version.


Updates core-js from 3.45.1 to 3.49.0

Changelog

Sourced from core-js's changelog.

3.49.0 - 2026.03.16

  • Changes v3.48.0...v3.49.0 (373 commits)
  • Iterator.range updated following the actual spec version
    • Throw a RangeError on NaN start / end / step
    • Allow null as optionOrStep
  • Improved accuracy of Math.{ asinh, atanh } polyfills with big and small values
  • Improved accuracy of Number.prototype.toExponential polyfills with big and small values
  • Improved performance of atob, btoa, Uint8Array.fromHex, Uint8Array.prototype.setFromHex, and Uint8Array.prototype.toHex, #1503, #1464, #1510, thanks @​johnzhou721
  • Minor performance optimization polyfills of methods from Map upsert proposal
  • Polyfills of methods from Map upsert proposal from the pure version made generic to make it work with polyfilled and native collections
  • Wrap Symbol.for in Symbol.prototype.description polyfill for correct handling of empty string descriptions
  • Fixed a modern Safari bug in Array.prototype.includes with sparse arrays and fromIndex
  • Fixed one more case (Iterator.prototype.take) of a V8 ~ Chromium < 126 bug
  • Forced replacement of Iterator.{ concat, zip, zipKeyed } in the pure version for ensuring proper wrapped Iterator instances as the result
  • Fixed proxying .return() on exhausted iterator from some methods of iterator helpers polyfill to the underlying iterator
  • Fixed double .return() calling in case of throwing error in this method in the internal iterate helper that affected some polyfills
  • Fixed closing iterator on IteratorValue errors in the internal iterate helper that affected some polyfills
  • Fixed iterator closing in Array.from polyfill on failure to create array property
  • Fixed order of arguments validation in Array.fromAsync polyfill
  • Fixed a lack of counter validation on MAX_SAFE_INTEGER in Array.fromAsync polyfill
  • Fixed order of arguments validation in Array.prototype.flat polyfill
  • Fixed handling strings as iterables in Iterator.{ zip, zipKeyed } polyfills
  • Fixed some cases of iterators closing in Iterator.{ zip, zipKeyed } polyfills
  • Fixed validation of iterators .next() results an objects in Iterator.{ zip, zipKeyed } polyfills
  • Fixed a lack of early error in Iterator.concat polyfill on primitive as an iterator
  • Fixed buffer mutation exposure in Iterator.prototype.windows polyfill
  • Fixed iterator closing in Set.prototype.{ isDisjointFrom, isSupersetOf } polyfill
  • Fixed (updated following the final spec) one more case Set.prototype.difference polyfill with updating this
  • Fixed DataView.prototype.setFloat16 polyfill in (0, 1) range
  • Fixed order of arguments validation in String.prototype.{ padStart, padEnd } polyfills
  • Fixed order of arguments validation in String.prototype.{ startsWith, endsWith } polyfills
  • Fixed some cases of Infinity handling in String.prototype.substr polyfill
  • Fixed String.prototype.repeat polyfill with a counter exceeding 2 ** 32
  • Fixed some cases of chars case in escape polyfill
  • Fixed named backreferences in RegExp NCG polyfill
  • Fixed some cases of RegExp NCG polyfill in combination with other types of groups
  • Fixed some cases of RegExp NCG polyfill in combination with dotAll
  • Fixed String.prototype.replace with sticky polyfill, #810, #1514
  • Fixed RegExp sticky polyfill with alternation
  • Fixed handling of some line terminators in case of multiline + sticky mode in RegExp polyfill
  • Fixed .input slicing on result object with RegExp sticky mode polyfill
  • Fixed handling of empty groups with global and unicode modes in polyfills
  • Fixed URLSearchParam.prototype.delete polyfill with duplicate key-value pairs
  • Fixed possible removal of unnecessary entries in URLSearchParam.prototype.delete polyfill with second argument
  • Fixed an error in some cases of non-special URLs without a path in the URL polyfill
  • Fixed some percent encode cases / character sets in the URL polyfill
  • Fixed parsing of non-IPv4 hosts ends in a number in the URL polyfill
  • Fixed some cases of '' and null host handling in the URL polyfill
  • Fixed host parsing with hostname = host:port in the URL polyfill
  • Fixed host inheritance in some cases of file scheme in the URL polyfill

... (truncated)

Commits
  • 80adfc4 v3.49.0
  • 0ad3e00 fix a modern Safari bug in Array.prototype.includes with sparse arrays and ...
  • 853bfa4 update some links
  • b4d723f fix a lack of counter validation on MAX_SAFE_INTEGER in Array.fromAsync p...
  • e276676 fix parsing of non-IPv4 hosts ends in a number in the URL polyfill
  • dd1cfba fix order of arguments validation in String.prototype.{ padStart, padEnd } ...
  • b952c5f add an extra protection to configurator
  • e490caf Fix for #810 (#1514)
  • 10b4e86 drop an unneeded comment
  • 28cf2e9 feat: Improve performance of Uint8Array Hex functions (#1510)
  • Additional commits viewable in compare view

Updates emoji-regex from 10.5.0 to 10.6.0

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for emoji-regex since your current version.


Updates grunt from 1.6.1 to 1.6.2

Changelog

Sourced from grunt's changelog.

v1.6.2 date: 2026-04-14 changes: - Update minimatch to 3.1.5. (PR: gruntjs/grunt#1796) - Update nopt to 5.0.0. (PR: gruntjs/grunt#1778)

Commits
Maintainer changes

This version was pushed to npm by krinkle, a new releaser for grunt since your current version.


Updates jsdoc from 4.0.4 to 4.0.5

Changelog

Sourced from jsdoc's changelog.

4.0.5 (October 2025)

Fixes a performance issue when generating documentation for medium-to-large APIs.

Commits

Updates mocha from 11.7.2 to 11.7.6

Release notes

Sourced from mocha's releases.

v11.7.6

11.7.6 (2026-02-14)

🩹 Fixes

  • make describe().timeout() work (aafe6fd)
  • test: replace wmic usage with native Windows API (#5694) (73ebdfa)

🧹 Chores

v11.7.5

11.7.5 (2025-11-04)

🩹 Fixes

  • swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

v11.7.4

11.7.4 (2025-10-01)

🩹 Fixes

📚 Documentation

  • migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

v11.7.3

11.7.3 (2025-09-30)

... (truncated)

Changelog

Sourced from mocha's changelog.

11.7.6 (2026-02-14)

🩹 Fixes

  • make describe().timeout() work (aafe6fd)
  • test: replace wmic usage with native Windows API (#5694) (73ebdfa)

🧹 Chores

11.7.5 (2025-11-04)

🩹 Fixes

  • swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

11.7.4 (2025-10-01)

🩹 Fixes

📚 Documentation

  • migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

11.7.3 (2025-09-30)

🩹 Fixes

  • use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

... (truncated)

Commits

Updates prettier from 3.6.2 to 3.9.5

Release notes

Sourced from prettier's releases.

3.9.5

🔗 Changelog

3.9.4

  • Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

🔗 Changelog

3.9.3

🔗 Changelog

3.9.1

🔗 Changelog

3.9.0

diff

🔗 Prettier 3.9: Major parser upgrades and Formatting improvements

3.8.5

🔗 Changelog

3.8.4

🔗 Changelog

3.8.3

🔗 Changelog

3.8.2

  • Support Angular v21.2

🔗 Changelog

3.8.1

🔗 Changelog

... (truncated)

Changelog

Sourced from prettier's changelog.

3.9.5

diff

Markdown: Cap ordered list mark at 999,999,999 (#19351 by @​tats-u)

CommonMark parsers only support ordered list item numbers up to 999,999,999.

With this change, Prettier now caps the ordered list item number at 999,999,999 to ensure that the output is correctly parsed as an ordered list by CommonMark parsers. Numbers larger than 999,999,999 are not parsed as list item numbers and are left unchanged in the output:

<!-- Input -->
999999998. text
999999998. text
999999998. text
999999998. text
1234567890123456789012) text
<!-- Prettier 3.9.4 -->
999999998. text
999999999. text
1000000000. text
1000000001. text
1234567890123456789012) text
<!-- Prettier 3.9.5 -->
999999998. text
999999999. text
999999999. text
999999999. text
1234567890123456789012) text

Markdown: Avoid corrupting empty link with title (#19487 by @​andersk)

Do not remove <> from an inline link or image with an empty URL and a title, as this removal would change its interpretation.

<!-- Input -->
[link](https://github.com/prettier/prettier/blob/main/<> "title")
<!-- Prettier 3.9.4 -->
[link](https://github.com/prettier/prettier/blob/main/ "title")
<!-- Prettier 3.9.5 -->
</tr></table>

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for prettier since your current version.


Updates selenium-webdriver from 4.35.0 to 4.45.0

Release notes

Sourced from selenium-webdriver's releases.

Selenium 4.45.0

Detailed Changelogs by Component

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript

What's Changed

... (truncated)

Commits
  • cd6a3cd [build] Prepare for release of selenium-4.45.0 (#17680)
  • 15fad06 [build] Automated Browser Version Update (#17679)
  • cb9b6fd [grid] Add support Redis-backed for SessionQueue (#17678)
  • 18bb1d9 [py] terminate driver service process when start() fails to connect (#17651)
  • b3164ef [grid] add HtmlUnit browser logo to Grid UI (#17656)
  • bb741bd [build] Automated Browser Version Update (#17658)
  • 887237c [py] translate continue_request/continue_response kwargs to BiDi wire format ...
  • f53de51 [rb] run minimize test on linux now that #17644 fixed fluxbox startup
  • 3f37cce [rb] set window state before each window test instead of resetting driver
  • 2bfb990 [rb] skip Safari double_click action tests
  • Additional commits viewable in compare view

Updates serve-handler from 6.1.6 to 6.1.7

Release notes

Sourced from serve-handler's releases.

6.1.7

Patches

  • Fix: update minimatch to 3.1.5 to resolve security vulnerabilities: #228

Credits

Huge thanks to @​ParakhJaggi for helping!

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 1, 2026
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-low-risk-f1585db67f branch from 13b2743 to 2809026 Compare July 2, 2026 10:59
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-low-risk-f1585db67f branch from 2809026 to 0c5c122 Compare July 16, 2026 07:04
Bumps the npm-low-risk group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@axe-core/webdriverjs](https://github.com/dequelabs/axe-core-npm) | `4.10.2` | `4.12.1` |
| [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js) | `3.45.1` | `3.49.0` |
| [emoji-regex](https://github.com/mathiasbynens/emoji-regex) | `10.5.0` | `10.6.0` |
| [grunt](https://github.com/gruntjs/grunt) | `1.6.1` | `1.6.2` |
| [jsdoc](https://github.com/jsdoc/jsdoc) | `4.0.4` | `4.0.5` |
| [mocha](https://github.com/mochajs/mocha) | `11.7.2` | `11.7.6` |
| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.9.5` |
| [selenium-webdriver](https://github.com/SeleniumHQ/selenium) | `4.35.0` | `4.45.0` |
| [serve-handler](https://github.com/vercel/serve-handler) | `6.1.6` | `6.1.7` |



Updates `@axe-core/webdriverjs` from 4.10.2 to 4.12.1
- [Release notes](https://github.com/dequelabs/axe-core-npm/releases)
- [Changelog](https://github.com/dequelabs/axe-core-npm/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/dequelabs/axe-core-npm/commits)

Updates `core-js` from 3.45.1 to 3.49.0
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/commits/v3.49.0/packages/core-js)

Updates `emoji-regex` from 10.5.0 to 10.6.0
- [Commits](mathiasbynens/emoji-regex@v10.5.0...v10.6.0)

Updates `grunt` from 1.6.1 to 1.6.2
- [Release notes](https://github.com/gruntjs/grunt/releases)
- [Changelog](https://github.com/gruntjs/grunt/blob/main/CHANGELOG)
- [Commits](gruntjs/grunt@v1.6.1...v1.6.2)

Updates `jsdoc` from 4.0.4 to 4.0.5
- [Release notes](https://github.com/jsdoc/jsdoc/releases)
- [Changelog](https://github.com/jsdoc/jsdoc/blob/4.0.5/CHANGES.md)
- [Commits](jsdoc/jsdoc@4.0.4...4.0.5)

Updates `mocha` from 11.7.2 to 11.7.6
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/v11.7.6/CHANGELOG.md)
- [Commits](mochajs/mocha@v11.7.2...v11.7.6)

Updates `prettier` from 3.6.2 to 3.9.5
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.6.2...3.9.5)

Updates `selenium-webdriver` from 4.35.0 to 4.45.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](SeleniumHQ/selenium@selenium-4.35.0...selenium-4.45.0)

Updates `serve-handler` from 6.1.6 to 6.1.7
- [Release notes](https://github.com/vercel/serve-handler/releases)
- [Commits](vercel/serve-handler@6.1.6...6.1.7)

---
updated-dependencies:
- dependency-name: "@axe-core/webdriverjs"
  dependency-version: 4.12.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-low-risk
- dependency-name: core-js
  dependency-version: 3.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-low-risk
- dependency-name: emoji-regex
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-low-risk
- dependency-name: grunt
  dependency-version: 1.6.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-low-risk
- dependency-name: jsdoc
  dependency-version: 4.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-low-risk
- dependency-name: mocha
  dependency-version: 11.7.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-low-risk
- dependency-name: prettier
  dependency-version: 3.8.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-low-risk
- dependency-name: selenium-webdriver
  dependency-version: 4.45.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-low-risk
- dependency-name: serve-handler
  dependency-version: 6.1.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-low-risk-f1585db67f branch from 0c5c122 to 94337ad Compare July 17, 2026 10:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants