chore (deps): bump terser from 5.46.2 to 5.48.0#2385
Merged
Conversation
dependabot
Bot
added
dependencies
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/terser-5.47.1
branch
from
cc70402 to
c42b1e2
Compare
Contributor
Author
|
A newer version of terser exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
Contributor
|
@dependabot recreate |
dependabot
Bot
changed the title
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/terser-5.47.1
branch
from
964d73f to
7147164
Compare
Contributor
|
@dependabot recreate |
Bumps [terser](https://github.com/terser/terser) from 5.46.2 to 5.48.0. - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.46.2...v5.48.0) --- updated-dependencies: - dependency-name: terser dependency-version: 5.47.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/terser-5.47.1
branch
from
b0e8607 to
c1dcb15
Compare
GCHQDeveloper581
approved these changes
May 28, 2026
Contributor
GCHQDeveloper581
left a comment
GCHQDeveloper581
left a comment
There was a problem hiding this comment.
Due diligence:
- All tests pass
- New version is a legitimate revision and was published 7 days ago
- No reports of supply chain issues with this new version
engin0223
added a commit
to engin0223/CyberChef
that referenced
this pull request
May 31, 2026
* feat: add Raw option for Jq operation (gchq#2237) * Bump flatted from 3.3.2 to 3.4.2 (gchq#2266) * chore (deps): bump @codemirror/view from 6.39.17 to 6.40.0 (gchq#2262) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add more helpful error for when numerical ingredient is left empty (gchq#1540) Co-authored-by: GCHQ Developer C85297 <95289555+C85297@users.noreply.github.com> * chore (deps): bump @babel/runtime from 7.28.6 to 7.29.2 (gchq#2263) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Selection and Deselection of autobake checkbox using keyboard (gchq#1727) * Add Parse Ethernet frame Operation, allow Parse IPv4 Header to cascade (gchq#1722) * Added tab focus to top banner and navigation to About/Support Modal (gchq#1733) * fix: return empty output for zero-length To Modhex input (gchq#2249) * Add pull request template with AI usage disclosure (gchq#2279) * ParseEthernetFrame - Fix vlan calculation (gchq#2295) * chore (deps) bump chromedriver from 130.0.4 to 146.0.6 (gchq#2292) * chore (deps): bump the patch-updates group with 3 updates (gchq#2296) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (add browser test for Template operation) * chore (deps): bump node-forge from 1.3.3 to 1.4.0 (gchq#2297) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump picomatch (gchq#2299) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump @xmldom/xmldom from 0.8.11 to 0.8.12 (gchq#2302) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group with 2 updates (gchq#2303) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump @codemirror/view from 6.40.0 to 6.41.0 (gchq#2305) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump lodash from 4.17.23 to 4.18.1 (gchq#2304) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Properly escape HTML entities in sampleDelim to avoid XSS issue (gchq#2307) * Bump v10.23.0 (gchq#2310) * Update vulnerable dependencies (gchq#2311) Results of running 'npm audit fix' * chore (deps): bump basic-ftp from 5.2.0 to 5.2.1 (gchq#2313) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump webpack from 5.105.4 to 5.106.0 (gchq#2315) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump axios from 1.13.6 to 1.15.0 (gchq#2316) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Checked by: GCHQDeveloper581 * chore (deps): bump basic-ftp from 5.2.1 to 5.2.2 (gchq#2317) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Rewriting fixCryptoApiImports and fixSnackbarMarkup to js to make it OS agnostic (gchq#2298) * Regular Expression operation email address regex: Support IPv4 domains (gchq#2167) Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> * chore (deps): bump follow-redirects from 1.15.11 to 1.16.0 (gchq#2320) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump dompurify from 3.3.3 to 3.4.0 (gchq#2321) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump autoprefixer from 10.4.27 to 10.5.0 (gchq#2324) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group with 6 updates (gchq#2323) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (removed jimp from updated dependencies) * chore (deps): bump lodash, grunt-legacy-log and grunt-legacy-util (gchq#2327) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml (gchq#2326) Ignore jimp-1.6.1 (broken) when searching for updates. * (Feature) Improve CI (gchq#2328) * Use "npm ci" rather than "npm install" * Move UI tests before production image build * Save zip file artefact from build * chore (deps): bump @codemirror/search from 6.6.0 to 6.7.0 (gchq#2331) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group with 6 updates (gchq#2330) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Added metadata extraction for UUID strings. (gchq#2322) * Accessibility - Add support for screenreaders in operations search (gchq#1862) * Feature md link blanks (gchq#660) Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (added tests) * [gchq#927] added parity bit operation (gchq#1036) * Fix, and link, Fernet tests (gchq#2335) * Update CONTRIBUTING.md (gchq#2333) * Bump v10.24.0 (gchq#2338) * [Feature] Change to nginx-unprivileged image for better kubernetes support (gchq#1922) Breaking change: Port number for Docker Image has changed from 80 to 8080 * fix(node): enable asynchronous operation support in Node.js API (gchq#2342) Authored-by: engin0223 <engineda2014@hotmail.com> Changes cherry-picked by GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> Breaking change: Alters Node API - "bake" and "execute" are now declared async. * Make compatible with node >=22 (gchq#2273) Breaking change: uplifts the minimum version of node required to v20 * Fix XSS in Show Base64 offsets (gchq#2346) * Node version update from 22 to 24 (gchq#2347) Changes mostly authored-by: Leon Zandman <leon@wirwar.com> Cherry pick and minor additions by GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> * Revert sitemap to v8.0.X to fix build/deploy on master (gchq#2348) Revert sitemap to 8.0.3 as v9.x no longer provides a default export which code currently relies on * Bump v11.0.0 (gchq#2349) * Fix all zeros after 16384 bytes with Blake3 (gchq#2351) Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (added test) * chore (deps): bump webpack-bundle-analyzer from 5.2.0 to 5.3.0 (gchq#2353) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump uuid from 13.0.0 to 14.0.0 (gchq#2332) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot for Node 24. (gchq#2361) - Reenable update of github actions - Unpin some packages * chore (deps): bump docker/setup-qemu-action from 3 to 4 (gchq#2367) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump docker/metadata-action from 4 to 6 (gchq#2366) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump crazy-max/ghaction-github-pages from 3 to 5 (gchq#2365) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump docker/setup-buildx-action from 3 to 4 (gchq#2364) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump docker/login-action from 3 to 4 (gchq#2363) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group across 1 directory with 5 updates (gchq#2354) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(operation-wrap): add new Wrap operation to format text at specified line width (gchq#1882) * chore (deps): bump axios from 1.15.0 to 1.16.0 (gchq#2369) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump ip-address from 10.1.0 to 10.2.0 (gchq#2371) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump picomatch from 2.3.1 to 2.3.2 (gchq#2370) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * update bcryptjs (gchq#2368) Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (fixed browser tests) * chore (deps): bump fast-uri from 3.1.0 to 3.1.2 (gchq#2372) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Build docker container for arm v7 as well (gchq#2379) * [StepSecurity] Apply security best practices (gchq#2378) Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io> * chore (deps): bump the patch-updates group across 1 directory with 3 updates (gchq#2388) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump globals from 17.5.0 to 17.6.0 (gchq#2386) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump @codemirror/view from 6.41.1 to 6.43.0 (gchq#2384) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update chromedriver, and install corresponding chrome in workflows (fixes build) (gchq#2387) * Parse IPv4 Header HTML formatting fix (gchq#2401) * Parse Ethernet Frame HTML formatting fix (gchq#2402) * Series Chart HTML Formatting fix (gchq#2403) * Bump nginxinc/nginx-unprivileged from `808f784` to `b9f7ba1` (gchq#2389) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Include git ref in website download zip name (gchq#2339) * Fix flaky `npm run testui` (gchq#2412) * chore (deps): bump docker/build-push-action from 7.1.0 to 7.2.0 (gchq#2431) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump sql-formatter from 15.7.4 to 15.8.0 (gchq#2430) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump protobufjs from 7.5.8 to 7.6.0 (gchq#2429) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump webpack from 5.106.2 to 5.107.1 (gchq#2428) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * update bson (gchq#2425) Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> (update of dependabot excluded packages) * chore (deps): bump docker/metadata-action from 6.0.0 to 6.1.0 (gchq#2442) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump docker/login-action from 4.1.0 to 4.2.0 (gchq#2441) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump docker/setup-buildx-action from 4.0.0 to 4.1.0 (gchq#2439) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group across 1 directory with 4 updates (gchq#2438) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix pgp tests (gchq#2461) Co-authored-by: C85297 <95289555+C85297@users.noreply.github.com> (fix for gchq#2267) * Bump webpack-dev-server to 5.2.4 (gchq#2417) * update sitemap (gchq#2443) * Make dependabot quieter (gchq#2467) * group remaining update categories * add cooldowns * chore (deps): bump terser from 5.46.2 to 5.48.0 (gchq#2385) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the docker-dependencies group across 1 directory with 2 updates (gchq#2468) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump the patch-updates group across 1 directory with 6 updates (gchq#2463) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore (deps): bump qs and express Bumps [qs](https://github.com/ljharb/qs) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `qs` from 6.15.0 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) Updates `express` from 4.22.1 to 4.22.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/v4.22.2/History.md) - [Commits](expressjs/express@v4.22.1...v4.22.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect - dependency-name: express dependency-version: 4.22.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Roman Karwacik <108284286+rtpt-romankarwacik@users.noreply.github.com> Co-authored-by: GCHQDeveloper581 <63102987+GCHQDeveloper581@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Cherry <35111165+Lamby777@users.noreply.github.com> Co-authored-by: GCHQ Developer C85297 <95289555+C85297@users.noreply.github.com> Co-authored-by: j264415 <128609898+j264415@users.noreply.github.com> Co-authored-by: Ted Kruijff <tedk@ted.do> Co-authored-by: Sascha Buehrle <47737812+saschabuehrle@users.noreply.github.com> Co-authored-by: BigYellowHammer <6392942+BigYellowHammer@users.noreply.github.com> Co-authored-by: ko80240 <275699905+ko80240@users.noreply.github.com> Co-authored-by: Matt C <me@mitt.dev> Co-authored-by: Björn Heinrichs <manfie@protonmail.ch> Co-authored-by: j83305 <63656067+j83305@users.noreply.github.com> Co-authored-by: Henrik Solberg <solberg.henrik@gmail.com> Co-authored-by: Zach Bowden <github@zachbowden.com> Co-authored-by: 0xff1ce <167429331+0xff1ce@users.noreply.github.com> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Leon Zandman <leon@wirwar.com> Co-authored-by: Blank0120 <49434568+Blank0120@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps terser from 5.46.2 to 5.48.0.
Changelog
Sourced from terser's changelog.
Commits
794a4745.48.09778373update changelog7f77594do not fuzz test in questionable OS702926fSupport source-phase imports (import source/import deferand dynamic `i...bf949e75.47.123bb72eupdate changelog1fd2134fix crash when usingmangle.keep_fnameswith destructuring. Closes #16817cbd24d5.47.0b1bc6bdupdate changelogbe36c87add "builtins" and "builtins_pure" options (#1651)