https://pact.io logo
Join Slack
Powered by
# pact-js-development
  • g

    GitHub

    11/16/2025, 4:51 AM
    #760 chore(deps): update dependency @tsconfig/node14 to v14.1.7 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@tsconfig/node14](https://redirect.github.com/tsconfig/bases) ([source](https://redirect.github.com/tsconfig/bases/tree/HEAD/bases)) | [14.1.6 -> 14.1.7](https://renovatebot.com/diffs/npm/@tsconfig%2fnode14/14.1.6/14.1.7) | [[age](https://camo.githubusercontent.com/b91d1bc5cee7138427be869a5b79889a03cc53e657cbe730bd4ff89113ef9900/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/7cdfb3a4c760bc5daa0b88bec5173ce1f54b07fdb3d083d055a093b6c713a9bc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e362f31342e312e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes tsconfig/bases (@​tsconfig/node14) ### `v14.1.7` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 4:48 AM
    #761 chore(deps): update dependency form-data to v4.0.5 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------ | ------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [form-data](https://redirect.github.com/form-data/form-data) | [4.0.4 -> 4.0.5](https://renovatebot.com/diffs/npm/form-data/4.0.4/4.0.5) | [[age](https://camo.githubusercontent.com/6820817c8fa0c27d9f620f8acb6f03cfd9a8773a073c5cbfb2ea11d62055eeac/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f666f726d2d646174612f342e302e353f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/abdf7136ab919af7f407b04a8a03037d1435eda166d16b4bd3b5bdc9f4d49102/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f666f726d2d646174612f342e302e342f342e302e353f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes form-data/form-data (form-data) ### `v4.0.5` Compare Source ##### Commits • [Tests] Switch to newer v8 prediction library; enable node 24 testing `16e0076` • [Dev Deps] update
    @ljharb/eslint-config
    ,
    eslint
    `5822467` • [Fix] set Symbol.toStringTag in the proper place `76d0dee` --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 12:11 PM
    #1607 chore(deps): update dependency @types/sinon to v21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/sinon](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon)) | [20.0.0 -> 21.0.0](https://renovatebot.com/diffs/npm/@types%2fsinon/20.0.0/21.0.0) | [[age](https://camo.githubusercontent.com/363284092ed0fa4e7c6364de658fc1c0144d1f08b9df827c303109c12317efbc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657325326673696e6f6e2f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/fcf0fbcde8ac86abda00b2395d8db053d0df7e06b9c559b3af9887b4159983b4/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657325326673696e6f6e2f32302e302e302f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 12:14 PM
    #762 chore(deps): update dependency @types/sinon to v21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/sinon](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon)) | [17.0.4 -> 21.0.0](https://renovatebot.com/diffs/npm/@types%2fsinon/17.0.4/21.0.0) | [[age](https://camo.githubusercontent.com/363284092ed0fa4e7c6364de658fc1c0144d1f08b9df827c303109c12317efbc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657325326673696e6f6e2f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/092d0b5e56198df513973a01bbada2a381bbcb9f53671626f5574f2b9510e555/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657325326673696e6f6e2f31372e302e342f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 5:57 PM
    #763 chore(deps): update actions/checkout digest to 93cb6ef Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | ------------------ | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | digest | 08c6903 -> 93cb6ef | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 6:03 PM
    #764 chore(deps): update typescript-eslint monorepo to v8.47.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@typescript-eslint/eslint-plugin](https://typescript-eslint.io/packages/eslint-plugin) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/2c00f31c5faf20059cd7ae9a56db5595237f0fe68aa60f8e0a8d8cb8c4b15998/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/fdb7f6fd28e67b66d35edfece4fcd79e8db6e641aa85efe41cadae1f61c86291/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/bb641ef71e0e5386eb80746bc9871c8da16355ea12b1b12e420b6119c68754bf/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6850f641b6d30241d986f0d9931a948de116e57225073cbde61f1053053cc351/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/typescript-eslint/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/b4ec13e7877d34988a39254c609ed60234a94497acd590b0f82ecfc30dbadefa/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f747970657363726970742d65736c696e742f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/64ea74c73f62c3b21d8a2c20f2acf7fd86d1536d01a40a30ea9ef14e0a35ff71/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f747970657363726970742d65736c696e742f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin) ### `v8.47.0` Compare Source ##### 🚀 Features • eslint-plugin: [no-unused-private-class-members] new extension rule (#​10913) ##### ❤️ Thank You • Brad Zacher @​bradzacher You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (@​typescript-eslint/parser) ### `v8.47.0` Compare Source This was a version bump only for parser to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (typescript-eslint) ### `v8.47.0` Compare Source This was a version bump only for typescript-eslint to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about these updates again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the <https://developer.mend.io/githu… pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/17/2025, 11:15 PM
    #1608 chore(deps): update actions/checkout digest to 93cb6ef Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | ------------------ | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | digest | 08c6903 -> 93cb6ef | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
    • 1
    • 1
  • g

    GitHub

    11/18/2025, 6:44 AM
    #765 chore(deps): update dependency @tsconfig/node14 to v14.1.8 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@tsconfig/node14](https://redirect.github.com/tsconfig/bases) ([source](https://redirect.github.com/tsconfig/bases/tree/HEAD/bases)) | [14.1.7 -> 14.1.8](https://renovatebot.com/diffs/npm/@tsconfig%2fnode14/14.1.7/14.1.8) | [[age](https://camo.githubusercontent.com/74fc93217fcbc68dc4bc9ed503a3285ee6c55ea976c6aea328c22372f7b810aa/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e383f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/8c1b2feefc5c6c1f16fb59c2d10eb3b1b9b261bddb9be0ad5e67293845e4e888/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e372f31342e312e383f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes tsconfig/bases (@​tsconfig/node14) ### `v14.1.8` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/18/2025, 8:14 PM
    #1609 chore(deps-dev): bump js-yaml from 3.14.1 to 3.14.2 in /examples/v3/provider-state-injected Pull request opened by dependabot[bot] Bumps js-yaml from 3.14.1 to 3.14.2. Changelog Sourced from js-yaml's changelog.
    ## [3.14.2] - 2025-11-15
    ### Security
    • Backported v4.1.1 fix to v3
    ## [4.1.1] - 2025-11-12
    ### Security
    • Fix prototype pollution issue in yaml merge (<<) operator.
    ## [4.1.0] - 2021-04-15
    ### Added
    • Types are now exported as
    <http://yaml.types.XXX|yaml.types.XXX>
    .
    • Every type now has
    options
    property with original arguments kept as they were (see
    yaml.types.int.options
    as an example).
    ### Changed
    •
    Schema.extend()
    now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as
    abcd
    instead of
    cbad
    ).
    ## [4.0.0] - 2021-01-03
    ### Changed
    • Check migration guide to see details for all breaking changes.
    • Breaking: "unsafe" tags
    !!js/function
    ,
    !!js/regexp
    ,
    !!js/undefined
    are moved to js-yaml-js-types package.
    • Breaking: removed
    safe*
    functions. Use
    load
    ,
    loadAll
    , `dump`instead which are all now safe by default.
    •
    yaml.DEFAULT_SAFE_SCHEMA
    and
    yaml.DEFAULT_FULL_SCHEMA
    are removed, use`yaml.DEFAULT_SCHEMA` instead.
    •
    yaml.Schema.create(schema, tags)
    is removed, use
    schema.extend(tags)
    instead.
    •
    !!binary
    now always mapped to
    Uint8Array
    on load.
    • Reduced nesting of
    /lib
    folder.
    • Parse numbers according to YAML 1.2 instead of YAML 1.1 (
    01234
    is now decimal,
    0o1234
    is octal,
    1:23
    is parsed as string instead of base60).
    •
    dump()
    no longer quotes
    :
    ,
    [
    ,
    ]
    ,
    (
    ,
    )
    except when necessary, #470, #557.
    • Line and column in exceptions are now formatted as
    (X:Y)
    instead of`at line X, column Y` (also present in compact format), #332.
    • Code snippet created in exceptions now contains multiple lines with line numbers.
    •
    dump()
    now serializes
    undefined
    as
    null
    in collections and removes keys with`undefined` in mappings, #571.
    •
    dump()
    with
    skipInvalid=true
    now serializes invalid items in collections as null.
    • Custom tags starting with
    !
    are now dumped as
    !tag
    instead of
    !<!tag>
    , #576.
    • Custom tags starting with
    tag:<http://yaml.org|yaml.org>,2002:
    are now shorthanded using
    !!
    , #258.
    ### Added
    • Added
    .mjs
    (es modules) support.
    • Added
    quotingType
    and
    forceQuotes
    options for dumper to configure string literal style, #290, #529.
    • Added
    styles: { '!!null': 'empty' }
    option for dumper (serializes
    { foo: null }
    as "`foo: `"), #570.
    ... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view [Dependabot compatibility score](https://camo.githubusercontent.com/b11949402e197740284dbf67773f782149902336f3efca9c13dad70f8f5110cd/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d6a732d79616d6c267061636b6167652d6d616e616765723d6e706d5f616e645f7961726e2670726576696f75732d76657273696f6e3d332e31342e31266e65772d76657273696f6e3d332e31342e32) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
    @dependabot rebase
    . --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •
    @dependabot rebase
    will rebase this PR •
    @dependabot recreate
    will recreate this PR, overwriting any edits that have been made to it •
    @dependabot merge
    will merge this PR after your CI passes on it •
    @dependabot squash and merge
    will squash and merge this PR after your CI passes on it •
    @dependabot cancel merge
    will cancel a previously requested merge and block automerging •
    @dependabot reopen
    will reopen this PR if it is closed •
    @dependabot close
    will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •
    @dependabot show <dependency name> ignore conditions
    will show all of the ignore conditions of the specified dependency •
    @dependabot ignore this major version
    will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •
    @dependabot ignore this minor version
    will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •
    @dependabot ignore this dependency
    will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-js
  • g

    GitHub

    11/18/2025, 8:15 PM
    #1610 chore(deps): bump js-yaml from 3.14.1 to 3.14.2 in /examples/v2/jest Pull request opened by dependabot[bot] Bumps js-yaml from 3.14.1 to 3.14.2. Changelog Sourced from js-yaml's changelog.
    ## [3.14.2] - 2025-11-15
    ### Security
    • Backported v4.1.1 fix to v3
    ## [4.1.1] - 2025-11-12
    ### Security
    • Fix prototype pollution issue in yaml merge (<<) operator.
    ## [4.1.0] - 2021-04-15
    ### Added
    • Types are now exported as
    <http://yaml.types.XXX|yaml.types.XXX>
    .
    • Every type now has
    options
    property with original arguments kept as they were (see
    yaml.types.int.options
    as an example).
    ### Changed
    •
    Schema.extend()
    now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as
    abcd
    instead of
    cbad
    ).
    ## [4.0.0] - 2021-01-03
    ### Changed
    • Check migration guide to see details for all breaking changes.
    • Breaking: "unsafe" tags
    !!js/function
    ,
    !!js/regexp
    ,
    !!js/undefined
    are moved to js-yaml-js-types package.
    • Breaking: removed
    safe*
    functions. Use
    load
    ,
    loadAll
    , `dump`instead which are all now safe by default.
    •
    yaml.DEFAULT_SAFE_SCHEMA
    and
    yaml.DEFAULT_FULL_SCHEMA
    are removed, use`yaml.DEFAULT_SCHEMA` instead.
    •
    yaml.Schema.create(schema, tags)
    is removed, use
    schema.extend(tags)
    instead.
    •
    !!binary
    now always mapped to
    Uint8Array
    on load.
    • Reduced nesting of
    /lib
    folder.
    • Parse numbers according to YAML 1.2 instead of YAML 1.1 (
    01234
    is now decimal,
    0o1234
    is octal,
    1:23
    is parsed as string instead of base60).
    •
    dump()
    no longer quotes
    :
    ,
    [
    ,
    ]
    ,
    (
    ,
    )
    except when necessary, #470, #557.
    • Line and column in exceptions are now formatted as
    (X:Y)
    instead of`at line X, column Y` (also present in compact format), #332.
    • Code snippet created in exceptions now contains multiple lines with line numbers.
    •
    dump()
    now serializes
    undefined
    as
    null
    in collections and removes keys with`undefined` in mappings, #571.
    •
    dump()
    with
    skipInvalid=true
    now serializes invalid items in collections as null.
    • Custom tags starting with
    !
    are now dumped as
    !tag
    instead of
    !<!tag>
    , #576.
    • Custom tags starting with
    tag:<http://yaml.org|yaml.org>,2002:
    are now shorthanded using
    !!
    , #258.
    ### Added
    • Added
    .mjs
    (es modules) support.
    • Added
    quotingType
    and
    forceQuotes
    options for dumper to configure string literal style, #290, #529.
    • Added
    styles: { '!!null': 'empty' }
    option for dumper (serializes
    { foo: null }
    as "`foo: `"), #570.
    ... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view [Dependabot compatibility score](https://camo.githubusercontent.com/b11949402e197740284dbf67773f782149902336f3efca9c13dad70f8f5110cd/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d6a732d79616d6c267061636b6167652d6d616e616765723d6e706d5f616e645f7961726e2670726576696f75732d76657273696f6e3d332e31342e31266e65772d76657273696f6e3d332e31342e32) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
    @dependabot rebase
    . --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •
    @dependabot rebase
    will rebase this PR •
    @dependabot recreate
    will recreate this PR, overwriting any edits that have been made to it •
    @dependabot merge
    will merge this PR after your CI passes on it •
    @dependabot squash and merge
    will squash and merge this PR after your CI passes on it •
    @dependabot cancel merge
    will cancel a previously requested merge and block automerging •
    @dependabot reopen
    will reopen this PR if it is closed •
    @dependabot close
    will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •
    @dependabot show <dependency name> ignore conditions
    will show all of the ignore conditions of the specified dependency •
    @dependabot ignore this major version
    will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •
    @dependabot ignore this minor version
    will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •
    @dependabot ignore this dependency
    will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-js
  • g

    GitHub

    11/19/2025, 5:49 PM
    #448 chore(deps): update dependency lint-staged to v16.2.7 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------ | ------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [lint-staged](https://redirect.github.com/lint-staged/lint-staged) | [16.2.6 -> 16.2.7](https://renovatebot.com/diffs/npm/lint-staged/16.2.6/16.2.7) | [[age](https://camo.githubusercontent.com/b6f8853adb80df4e1afc7d8720f53cb277d9edb4802764506e01467e016a8744/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f6c696e742d7374616765642f31362e322e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/436fee5b65b38f4b94211e65ec2f56d4df5dcf3f1f59030f28daf63a93af1255/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f6c696e742d7374616765642f31362e322e362f31362e322e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes lint-staged/lint-staged (lint-staged) ### `v16.2.7` Compare Source ##### Patch Changes • #​1711 `ef74c8d` Thanks @​iiroj! - Do not display a "_failed to spawn_" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact
    • 1
    • 1
  • g

    GitHub

    11/19/2025, 5:49 PM
    #449 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact
    • 1
    • 1
  • g

    GitHub

    11/19/2025, 6:16 PM
    #1611 Update to latest @pact-foundation/pact-core Issue created by mcalthrop Could you please create a new release that updates the version of
    @pact-foundation/pact-core
    ? It contains this fix: pact-foundation/pact-js-core#729. Current version:
    17.0.0
    Fixed version:
    17.0.1
    many thanks Matt pact-foundation/pact-js
    • 1
    • 1
  • g

    GitHub

    11/19/2025, 9:14 PM
    1 new commit pushed to
    <https://github.com/pact-foundation/jest-pact/tree/master|master>
    by renovate[bot]
    <https://github.com/pact-foundation/jest-pact/commit/89f49b85ebe397379a8ae48f45c2577238ebe203|89f49b85>
    - chore(deps): update dependency lint-staged to v16.2.7 (#448) pact-foundation/jest-pact
  • g

    GitHub

    11/20/2025, 12:33 AM
    1 new commit pushed to
    <https://github.com/pact-foundation/jest-pact/tree/master|master>
    by renovate[bot]
    <https://github.com/pact-foundation/jest-pact/commit/2985ece8dbba160e18517e47807ecfcb541cf671|2985ece8>
    - chore(deps): update dependency rimraf to v6.1.2 (#449) pact-foundation/jest-pact
  • g

    GitHub

    11/20/2025, 5:06 PM
    #1612 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
    • 1
    • 1
  • g

    GitHub

    11/20/2025, 6:01 PM
    #766 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/20/2025, 6:44 PM
    #450 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact
  • g

    GitHub

    11/20/2025, 9:37 PM
    #1613 chore(deps): bump js-yaml and mocha in /examples/v2/typescript Pull request opened by dependabot[bot] Bumps js-yaml and mocha. These dependencies needed to be updated together. Updates
    js-yaml
    from 3.14.1 to 3.14.2 Changelog Sourced from js-yaml's changelog.
    ## [3.14.2] - 2025-11-15
    ### Security
    • Backported v4.1.1 fix to v3
    ## [4.1.1] - 2025-11-12
    ### Security
    • Fix prototype pollution issue in yaml merge (<<) operator.
    ## [4.1.0] - 2021-04-15
    ### Added
    • Types are now exported as
    <http://yaml.types.XXX|yaml.types.XXX>
    .
    • Every type now has
    options
    property with original arguments kept as they were (see
    yaml.types.int.options
    as an example).
    ### Changed
    •
    Schema.extend()
    now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as
    abcd
    instead of
    cbad
    ).
    ## [4.0.0] - 2021-01-03
    ### Changed
    • Check migration guide to see details for all breaking changes.
    • Breaking: "unsafe" tags
    !!js/function
    ,
    !!js/regexp
    ,
    !!js/undefined
    are moved to js-yaml-js-types package.
    • Breaking: removed
    safe*
    functions. Use
    load
    ,
    loadAll
    , `dump`instead which are all now safe by default.
    •
    yaml.DEFAULT_SAFE_SCHEMA
    and
    yaml.DEFAULT_FULL_SCHEMA
    are removed, use`yaml.DEFAULT_SCHEMA` instead.
    •
    yaml.Schema.create(schema, tags)
    is removed, use
    schema.extend(tags)
    instead.
    •
    !!binary
    now always mapped to
    Uint8Array
    on load.
    • Reduced nesting of
    /lib
    folder.
    • Parse numbers according to YAML 1.2 instead of YAML 1.1 (
    01234
    is now decimal,
    0o1234
    is octal,
    1:23
    is parsed as string instead of base60).
    •
    dump()
    no longer quotes
    :
    ,
    [
    ,
    ]
    ,
    (
    ,
    )
    except when necessary, #470, #557.
    • Line and column in exceptions are now formatted as
    (X:Y)
    instead of`at line X, column Y` (also present in compact format), #332.
    • Code snippet created in exceptions now contains multiple lines with line numbers.
    •
    dump()
    now serializes
    undefined
    as
    null
    in collections and removes keys with`undefined` in mappings, #571.
    •
    dump()
    with
    skipInvalid=true
    now serializes invalid items in collections as null.
    • Custom tags starting with
    !
    are now dumped as
    !tag
    instead of
    !<!tag>
    , #576.
    • Custom tags starting with
    tag:<http://yaml.org|yaml.org>,2002:
    are now shorthanded using
    !!
    , #258.
    ### Added
    • Added
    .mjs
    (es modules) support.
    • Added
    quotingType
    and
    forceQuotes
    options for dumper to configure string literal style, #290, #529.
    • Added
    styles: { '!!null': 'empty' }
    option for dumper (serializes
    { foo: null }
    as "`foo: `"), #570.
    ... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view Updates
    mocha
    from 10.0.0 to 10.8.2 Release notes Sourced from mocha's releases.
    ## v10.8.2
    ## 10.8.2 (2024-10-30)
    ### 🩹 Fixes
    • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
    • test link in html reporter (#5224) (f054acc)
    ### 📚 Documentation
    • indicate 'exports' interface does not work in browsers (#5181) (14e640e)
    ### 🧹 Chores
    • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)
    ### 🤖 Automation
    • deps: bump the github-actions group with 1 update (#5132) (e536ab2)
    ## v10.8.1
    ## 10.8.1 (2024-10-29)
    ### 🩹 Fixes
    • handle case of invalid package.json with no explicit config (#5198) (f72bc17)
    • Typos on mochajs.org (#5237) (d8ca270)
    • use accurate test links in HTML reporter (#5228) (68803b6)
    ## v10.8.0
    ## 10.8.0 (2024-10-29)
    ### 🌟 Features
    • highlight browser failures (#5222) (8ff4845)
    ### 🩹 Fixes
    • remove
    :is()
    from
    mocha.css
    to support older browsers (#5225) (#5227) (0a24b58)
    ### 📚 Documentation
    ... (truncated) Changelog Sourced from mocha's changelog.
    ## 10.8.2 (2024-10-30)
    ### 🩹 Fixes
    • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
    • test link in html reporter (#5224) (f054acc)
    ### 📚 Documentation
    • indicate 'exports' interface does not work in browsers (#5181) (14e640e)
    ### :…
    pact-foundation/pact-js
  • g

    GitHub

    11/21/2025, 1:10 PM
    #1614 Pact error messages for arrayContaining matcher are hard to decipher Issue created by mcalthrop I’m finding that error messages on Pact consumer failure (when using the
    arrayContaining
    matcher) are not very helpful at pinpointing what part of the data is incorrect. The only error message is that the entry we're looking for wasn't found. For example:
    Copy code
    Variant at index 0 ({"attributes":{"createdAt":"2025-11-19T08:37:43.937Z","someProperty":{"image":{"alt":"Some alt text","url":"<https://example.com?some-image.jpg>"},"otherUrl":"<https://example.com?some-image.jpg>"},"payload":{"payload":{"someProperty":{"alt":"Some alt text","otherUrl":"<https://example.com?some-image.jpg>","url":"<https://example.com?some-image.jpg>"},"ctaTitleOverride":"some text","titleOverride":"some text","welcomeMessage":"Welcome!"},"type":"some-type"},"publishedAt":"2025-11-19T08:37:43.937Z","levels":["high"],"type":"some-type"},"id":"some-uuid","type":"another-type"}) was not found in the actual list
    When I'm looking at that message, I have no idea what part of it is incorrect. In my context, this is a test that used to work, but is now failing – which indicates that it's likely something small that has changed on the provider (it turned out to be different casing for one of the data keys). Testing libraries like Jest & Vitest have a useful way of showing the diffs of expected versus actual, so it would be really useful to have something like that. I realise this is likely quite challenging with the
    arrayContaining
    matcher, but it would make a massive difference in tracking down the error. pact-foundation/pact-js
  • g

    GitHub

    11/25/2025, 3:03 PM
    #767 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/25/2025, 3:03 PM
    #768 chore(deps): update dependency @snyk/protect to v1.1301.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------ | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@snyk/protect](https://redirect.github.com/snyk/snyk) | [1.1300.2 -> 1.1301.0](https://renovatebot.com/diffs/npm/@snyk%2fprotect/1.1300.2/1.1301.0) | [[age](https://camo.githubusercontent.com/4d30207c4cccb7f642a04f3751b48edbd8d766ae8d37da0b840336e7b5ec3396/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40736e796b25326670726f746563742f312e313330312e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/f2f5a780d5517d26f68349337baddd8a6b8c9b825fdeed210a46252ae10df10a/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40736e796b25326670726f746563742f312e313330302e322f312e313330312e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes snyk/snyk (@​snyk/protect) ### `v1.1301.0` Compare Source The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation ##### Features • container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757) • container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42) • container: Added a new parameter,
    --include-system-jars
    , to support scanning of usr/lib JARs (57078b6) • test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e) • test(maven): A new experimental flag
    --include-provenance
    that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a) • sbom(maven): A new experimental flag
    --include-provenance
    that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a) • language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e) • language-server: Analytics for configuration and folder trust (2cc554e) • mcp: Support for writing scan output into a file (2cc554e) • mcp: Service Account support (2cc554e) ##### Bug Fixes • general: Fix incorrect error mapping for varying status codes (5829500) • general: Some invalid flag combinations are now correctly handled (ca5903b) • test: The Snyk CLI now correctly handles optional dependencies without separate package entries (bfcbda7) • test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7) • test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7) • test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c) • test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f) • test(npm): Improve npm alias support (cb37da7) • test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86) • test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f) • test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f) • test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86) • test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c) • test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4) • container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6) • container: Fix rare crash when scan… pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/25/2025, 3:09 PM
    #1615 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
  • g

    GitHub

    11/25/2025, 6:31 PM
    #1616 chore(deps): update dependency body-parser to v2.2.1 [security] Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [body-parser](https://redirect.github.com/expressjs/body-parser) | [2.2.0 -> 2.2.1](https://renovatebot.com/diffs/npm/body-parser/2.2.0/2.2.1) | [[age](https://camo.githubusercontent.com/9f2250a71a7eb5c4c4f980b168e4e667520c1cf53c5e446a8d000ecce1be21dd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f626f64792d7061727365722f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/b1ec0dace9b46fd366df4775fd8b603041e0ed7c919d1ab0e4f7b064c0bd5a02/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f626f64792d7061727365722f322e322e302f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### CVE-2025-13466 ### Impact body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic. ### Patches This issue is addressed in version 2.2.1. --- ### Release Notes expressjs/body-parser (body-parser) ### `v2.2.1` Compare Source ========================= • Security fix for GHSA-wqch-xfxh-vrr4 • deps: • type-is@^2.0.1 • iconv-lite@^0.7.0 • Handle split surrogate pairs when encoding UTF-8 • Avoid false positives in
    encodingExists
    by using prototype-less objects • raw-body@^3.0.1 • debug@^4.4.3 --- ### Configuration 📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
  • g

    GitHub

    11/25/2025, 6:31 PM
    #1617 chore(deps): update dependency @types/lodash to v4.17.21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/lodash](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash)) | [4.17.20 -> 4.17.21](https://renovatebot.com/diffs/npm/@types%2flodash/4.17.20/4.17.21) | [[age](https://camo.githubusercontent.com/e49acd784e7e5e87d18c800807a666ea84354744661e61b493e064a3d2d70be3/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f4074797065732532666c6f646173682f342e31372e32313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6061ec38351d568d92fe0fb6de330108150b058561ee90057a3d7c72ef17e268/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f4074797065732532666c6f646173682f342e31372e32302f342e31372e32313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js
  • g

    GitHub

    11/27/2025, 9:00 AM
    #451 chore(deps): update dependency prettier to v3.7.1 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [prettier](https://prettier.io) ([source](https://redirect.github.com/prettier/prettier)) | [3.6.2 -> 3.7.1](https://renovatebot.com/diffs/npm/prettier/3.6.2/3.7.1) | [[age](https://camo.githubusercontent.com/307168500adedad4fce6ac8b0de5771eba56d81659fcaa4c0c2a2d89922aacfd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f70726574746965722f332e372e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/0833e577b8e0a0e3cb9f6325ce2cc33e9ba6ee86a7cbfb0bd4b40e50dabe159f/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f70726574746965722f332e362e322f332e372e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes prettier/prettier (prettier) ### `v3.7.1` Compare Source diff ##### API: Fix performance regression in doc printer (#​18342 by @​fisker) Prettier 3.7.1 can be very slow when formatting big files, the regression has been fixed. ### `v3.7.0` Compare Source diff 🔗 Release Notes --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact
    • 1
    • 1
  • g

    GitHub

    11/27/2025, 5:57 PM
    1 new commit pushed to
    <https://github.com/pact-foundation/jest-pact/tree/master|master>
    by renovate[bot]
    <https://github.com/pact-foundation/jest-pact/commit/daa7a4ac0f977505f3165521ceb1c4c6416ebead|daa7a4ac>
    - chore(deps): update dependency prettier to v3.7.1 (#451) pact-foundation/jest-pact
  • g

    GitHub

    11/27/2025, 6:10 PM
    #769 chore(deps): update typescript-eslint monorepo to v8.48.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@typescript-eslint/eslint-plugin](https://typescript-eslint.io/packages/eslint-plugin) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/6367a07fa85bc8a88b439e7cc780e123e61b4bfce04e42dab32e4ec9eca75ea8/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/e5db376a7fdd9637422940efd08f230e20190c322e4d43a8755c3d42b57e0307/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/d1f457ff4c2903d2cf36a41d42baf4faa8976a5327fc1886fd68f428fa9c9cf7/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6a492221ae5ae8daca2468c6e74eea2e8b4091065bc615eb3b9137f83e2ae442/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/typescript-eslint/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/81f471516bce0133c5fe933bc8a07fe52eb1138a9f8bd835e7dcb2bf0f0a4555/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f747970657363726970742d65736c696e742f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/93505609be94e7e67f6ed5d8b3fc205fbc07f02efbc398d39fc80304a1463ffc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f747970657363726970742d65736c696e742f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin) ### `v8.48.0` Compare Source ##### 🚀 Features • eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#​10744) ##### 🩹 Fixes • typescript-estree: disallow binding patterns in parameter properties (#​11760) • eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#​10477) ##### ❤️ Thank You • Dima Barabash @​dbarabashh • JamesHenry @​JamesHenry • Josh Goldberg • mdm317 @​gen-ip-1 You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (@​typescript-eslint/parser) ### `v8.48.0` Compare Source This was a version bump only for parser to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (typescript-eslint) ### `v8.48.0` Compare Source This was a version bump only for typescript-eslint to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge… pact-foundation/pact-js-core
    • 1
    • 1
  • g

    GitHub

    11/27/2025, 9:50 PM
    #770 chore(deps): update dependency body-parser to v2.2.1 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [body-parser](https://redirect.github.com/expressjs/body-parser) | [2.2.0 -> 2.2.1](https://renovatebot.com/diffs/npm/body-parser/2.2.0/2.2.1) | [[age](https://camo.githubusercontent.com/9f2250a71a7eb5c4c4f980b168e4e667520c1cf53c5e446a8d000ecce1be21dd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f626f64792d7061727365722f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/b1ec0dace9b46fd366df4775fd8b603041e0ed7c919d1ab0e4f7b064c0bd5a02/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f626f64792d7061727365722f322e322e302f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes expressjs/body-parser (body-parser) ### `v2.2.1` Compare Source ========================= • Security fix for GHSA-wqch-xfxh-vrr4 • deps: • type-is@^2.0.1 • iconv-lite@^0.7.0 • Handle split surrogate pairs when encoding UTF-8 • Avoid false positives in
    encodingExists
    by using prototype-less objects • raw-body@^3.0.1 • debug@^4.4.3 --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core
  • g

    GitHub

    11/28/2025, 10:06 PM
    #452 chore(deps): update dependency prettier to v3.7.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [prettier](https://prettier.io) ([source](https://redirect.github.com/prettier/prettier)) | [3.7.1 -> 3.7.2](https://renovatebot.com/diffs/npm/prettier/3.7.1/3.7.2) | [[age](https://camo.githubusercontent.com/f659d3a636f43bb52b1a30650aaff848012161760a621908f5007b54e268e638/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f70726574746965722f332e372e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/a10778b81a37f88c401435f645ed96a4a2b849f9f38382e973850a63c04fe139/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f70726574746965722f332e372e312f332e372e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes prettier/prettier (prettier) ### `v3.7.2` Compare Source diff ##### JavaScript: Fix string print when switching quotes (#​18351 by @​fisker) // Input console.log("A descriptor\\'s .kind must be \"method\" or \"field\".") // Prettier 3.7.1 console.log('A descriptor\\'s .kind must be "method" or "field".'); // Prettier 3.7.2 console.log('A descriptor\\\'s .kind must be "method" or "field".'); ##### JavaScript: Preserve quote for embedded HTML attribute values (#​18352 by @​kovsu) // Input const html = /* HTML */ ` <div class="${styles.banner}"></div>
    Copy code
    ;
    
    // Prettier 3.7.1
    const html = /* HTML */
    <div class=${styles.banner}></div>
    Copy code
    ;
    
    // Prettier 3.7.2
    const html = /* HTML */
    <div class="${styles.banner}"></div> `; ##### TypeScript: Fix comment in empty type literal (#​18364 by @​fisker) // Input export type XXX = { // tbd }; // Prettier 3.7.1 export type XXX = { // tbd }; // Prettier 3.7.2 export type XXX = { // tbd }; --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact