# pact-js-development
- g
GitHub
11/16/2025, 4:51 AM#760 chore(deps): update dependency @tsconfig/node14 to v14.1.7 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@tsconfig/node14](https://redirect.github.com/tsconfig/bases) ([source](https://redirect.github.com/tsconfig/bases/tree/HEAD/bases)) | [14.1.6 -> 14.1.7](https://renovatebot.com/diffs/npm/@tsconfig%2fnode14/14.1.6/14.1.7) | [[age](https://camo.githubusercontent.com/b91d1bc5cee7138427be869a5b79889a03cc53e657cbe730bd4ff89113ef9900/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/7cdfb3a4c760bc5daa0b88bec5173ce1f54b07fdb3d083d055a093b6c713a9bc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e362f31342e312e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes tsconfig/bases (@tsconfig/node14) ### `v14.1.7` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/17/2025, 4:48 AM#761 chore(deps): update dependency form-data to v4.0.5 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------ | ------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [form-data](https://redirect.github.com/form-data/form-data) | [4.0.4 -> 4.0.5](https://renovatebot.com/diffs/npm/form-data/4.0.4/4.0.5) | [[age](https://camo.githubusercontent.com/6820817c8fa0c27d9f620f8acb6f03cfd9a8773a073c5cbfb2ea11d62055eeac/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f666f726d2d646174612f342e302e353f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/abdf7136ab919af7f407b04a8a03037d1435eda166d16b4bd3b5bdc9f4d49102/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f666f726d2d646174612f342e302e342f342e302e353f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes form-data/form-data (form-data) ### `v4.0.5` Compare Source ##### Commits • [Tests] Switch to newer v8 prediction library; enable node 24 testing `16e0076` • [Dev Deps] update
,@ljharb/eslint-config
`5822467` • [Fix] set Symbol.toStringTag in the proper place `76d0dee` --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-coreeslint- 1
- 1
- g
GitHub
11/17/2025, 12:11 PM#1607 chore(deps): update dependency @types/sinon to v21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/sinon](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon)) | [20.0.0 -> 21.0.0](https://renovatebot.com/diffs/npm/@types%2fsinon/20.0.0/21.0.0) | [[age](https://camo.githubusercontent.com/363284092ed0fa4e7c6364de658fc1c0144d1f08b9df827c303109c12317efbc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657325326673696e6f6e2f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/fcf0fbcde8ac86abda00b2395d8db053d0df7e06b9c559b3af9887b4159983b4/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657325326673696e6f6e2f32302e302e302f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js- 1
- 1
- g
GitHub
11/17/2025, 12:14 PM#762 chore(deps): update dependency @types/sinon to v21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/sinon](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon)) | [17.0.4 -> 21.0.0](https://renovatebot.com/diffs/npm/@types%2fsinon/17.0.4/21.0.0) | [[age](https://camo.githubusercontent.com/363284092ed0fa4e7c6364de658fc1c0144d1f08b9df827c303109c12317efbc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657325326673696e6f6e2f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/092d0b5e56198df513973a01bbada2a381bbcb9f53671626f5574f2b9510e555/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657325326673696e6f6e2f31372e302e342f32312e302e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/17/2025, 5:57 PM#763 chore(deps): update actions/checkout digest to 93cb6ef Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | ------------------ | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | digest | 08c6903 -> 93cb6ef | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/17/2025, 6:03 PM#764 chore(deps): update typescript-eslint monorepo to v8.47.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@typescript-eslint/eslint-plugin](https://typescript-eslint.io/packages/eslint-plugin) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/2c00f31c5faf20059cd7ae9a56db5595237f0fe68aa60f8e0a8d8cb8c4b15998/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/fdb7f6fd28e67b66d35edfece4fcd79e8db6e641aa85efe41cadae1f61c86291/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/bb641ef71e0e5386eb80746bc9871c8da16355ea12b1b12e420b6119c68754bf/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6850f641b6d30241d986f0d9931a948de116e57225073cbde61f1053053cc351/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [8.46.4 -> 8.47.0](https://renovatebot.com/diffs/npm/typescript-eslint/8.46.4/8.47.0) | [[age](https://camo.githubusercontent.com/b4ec13e7877d34988a39254c609ed60234a94497acd590b0f82ecfc30dbadefa/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f747970657363726970742d65736c696e742f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/64ea74c73f62c3b21d8a2c20f2acf7fd86d1536d01a40a30ea9ef14e0a35ff71/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f747970657363726970742d65736c696e742f382e34362e342f382e34372e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes typescript-eslint/typescript-eslint (@typescript-eslint/eslint-plugin) ### `v8.47.0` Compare Source ##### 🚀 Features • eslint-plugin: [no-unused-private-class-members] new extension rule (#10913) ##### ❤️ Thank You • Brad Zacher @bradzacher You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (@typescript-eslint/parser) ### `v8.47.0` Compare Source This was a version bump only for parser to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (typescript-eslint) ### `v8.47.0` Compare Source This was a version bump only for typescript-eslint to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about these updates again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the <https://developer.mend.io/githu… pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/17/2025, 11:15 PM#1608 chore(deps): update actions/checkout digest to 93cb6ef Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | ------------------ | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | digest | 08c6903 -> 93cb6ef | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js- 1
- 1
- g
GitHub
11/18/2025, 6:44 AM#765 chore(deps): update dependency @tsconfig/node14 to v14.1.8 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@tsconfig/node14](https://redirect.github.com/tsconfig/bases) ([source](https://redirect.github.com/tsconfig/bases/tree/HEAD/bases)) | [14.1.7 -> 14.1.8](https://renovatebot.com/diffs/npm/@tsconfig%2fnode14/14.1.7/14.1.8) | [[age](https://camo.githubusercontent.com/74fc93217fcbc68dc4bc9ed503a3285ee6c55ea976c6aea328c22372f7b810aa/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e383f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/8c1b2feefc5c6c1f16fb59c2d10eb3b1b9b261bddb9be0ad5e67293845e4e888/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f407473636f6e6669672532666e6f646531342f31342e312e372f31342e312e383f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes tsconfig/bases (@tsconfig/node14) ### `v14.1.8` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/18/2025, 8:14 PM#1609 chore(deps-dev): bump js-yaml from 3.14.1 to 3.14.2 in /examples/v3/provider-state-injected Pull request opened by dependabot[bot] Bumps js-yaml from 3.14.1 to 3.14.2. Changelog Sourced from js-yaml's changelog.## [3.14.2] - 2025-11-15
### Security
• Backported v4.1.1 fix to v3
## [4.1.1] - 2025-11-12
### Security
• Fix prototype pollution issue in yaml merge (<<) operator.
## [4.1.0] - 2021-04-15
### Added
• Types are now exported as
.<http://yaml.types.XXX|yaml.types.XXX>• Every type now has
property with original arguments kept as they were (seeoptions
as an example).yaml.types.int.options### Changed
•
now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered asSchema.extend()
instead ofabcd
).cbad## [4.0.0] - 2021-01-03
### Changed
• Check migration guide to see details for all breaking changes.
• Breaking: "unsafe" tags
,!!js/function
,!!js/regexp
are moved to js-yaml-js-types package.!!js/undefined• Breaking: removed
functions. Usesafe*
,load
, `dump`instead which are all now safe by default.loadAll•
andyaml.DEFAULT_SAFE_SCHEMA
are removed, use`yaml.DEFAULT_SCHEMA` instead.yaml.DEFAULT_FULL_SCHEMA•
is removed, useyaml.Schema.create(schema, tags)
instead.schema.extend(tags)•
now always mapped to!!binary
on load.Uint8Array• Reduced nesting of
folder./lib• Parse numbers according to YAML 1.2 instead of YAML 1.1 (
is now decimal,01234
is octal,0o1234
is parsed as string instead of base60).1:23•
no longer quotesdump()
,:
,[
,]
,(
except when necessary, #470, #557.)• Line and column in exceptions are now formatted as
instead of`at line X, column Y` (also present in compact format), #332.(X:Y)• Code snippet created in exceptions now contains multiple lines with line numbers.
•
now serializesdump()
asundefined
in collections and removes keys with`undefined` in mappings, #571.null•
withdump()
now serializes invalid items in collections as null.skipInvalid=true• Custom tags starting with
are now dumped as!
instead of!tag
, #576.!<!tag>• Custom tags starting with
are now shorthanded usingtag:<http://yaml.org|yaml.org>,2002:
, #258.!!### Added
• Added
(es modules) support..mjs• Added
andquotingType
options for dumper to configure string literal style, #290, #529.forceQuotes• Added
... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view [Dependabot compatibility score](https://camo.githubusercontent.com/b11949402e197740284dbf67773f782149902336f3efca9c13dad70f8f5110cd/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d6a732d79616d6c267061636b6167652d6d616e616765723d6e706d5f616e645f7961726e2670726576696f75732d76657273696f6e3d332e31342e31266e65772d76657273696f6e3d332e31342e32) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
option for dumper (serializesstyles: { '!!null': 'empty' }
as "`foo: `"), #570.{ foo: null }
. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •@dependabot rebase
will rebase this PR •@dependabot rebase
will recreate this PR, overwriting any edits that have been made to it •@dependabot recreate
will merge this PR after your CI passes on it •@dependabot merge
will squash and merge this PR after your CI passes on it •@dependabot squash and merge
will cancel a previously requested merge and block automerging •@dependabot cancel merge
will reopen this PR if it is closed •@dependabot reopen
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •@dependabot close
will show all of the ignore conditions of the specified dependency •@dependabot show <dependency name> ignore conditions
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-js@dependabot ignore this dependency - g
GitHub
11/18/2025, 8:15 PM#1610 chore(deps): bump js-yaml from 3.14.1 to 3.14.2 in /examples/v2/jest Pull request opened by dependabot[bot] Bumps js-yaml from 3.14.1 to 3.14.2. Changelog Sourced from js-yaml's changelog.## [3.14.2] - 2025-11-15
### Security
• Backported v4.1.1 fix to v3
## [4.1.1] - 2025-11-12
### Security
• Fix prototype pollution issue in yaml merge (<<) operator.
## [4.1.0] - 2021-04-15
### Added
• Types are now exported as
.<http://yaml.types.XXX|yaml.types.XXX>• Every type now has
property with original arguments kept as they were (seeoptions
as an example).yaml.types.int.options### Changed
•
now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered asSchema.extend()
instead ofabcd
).cbad## [4.0.0] - 2021-01-03
### Changed
• Check migration guide to see details for all breaking changes.
• Breaking: "unsafe" tags
,!!js/function
,!!js/regexp
are moved to js-yaml-js-types package.!!js/undefined• Breaking: removed
functions. Usesafe*
,load
, `dump`instead which are all now safe by default.loadAll•
andyaml.DEFAULT_SAFE_SCHEMA
are removed, use`yaml.DEFAULT_SCHEMA` instead.yaml.DEFAULT_FULL_SCHEMA•
is removed, useyaml.Schema.create(schema, tags)
instead.schema.extend(tags)•
now always mapped to!!binary
on load.Uint8Array• Reduced nesting of
folder./lib• Parse numbers according to YAML 1.2 instead of YAML 1.1 (
is now decimal,01234
is octal,0o1234
is parsed as string instead of base60).1:23•
no longer quotesdump()
,:
,[
,]
,(
except when necessary, #470, #557.)• Line and column in exceptions are now formatted as
instead of`at line X, column Y` (also present in compact format), #332.(X:Y)• Code snippet created in exceptions now contains multiple lines with line numbers.
•
now serializesdump()
asundefined
in collections and removes keys with`undefined` in mappings, #571.null•
withdump()
now serializes invalid items in collections as null.skipInvalid=true• Custom tags starting with
are now dumped as!
instead of!tag
, #576.!<!tag>• Custom tags starting with
are now shorthanded usingtag:<http://yaml.org|yaml.org>,2002:
, #258.!!### Added
• Added
(es modules) support..mjs• Added
andquotingType
options for dumper to configure string literal style, #290, #529.forceQuotes• Added
... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view [Dependabot compatibility score](https://camo.githubusercontent.com/b11949402e197740284dbf67773f782149902336f3efca9c13dad70f8f5110cd/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d6a732d79616d6c267061636b6167652d6d616e616765723d6e706d5f616e645f7961726e2670726576696f75732d76657273696f6e3d332e31342e31266e65772d76657273696f6e3d332e31342e32) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
option for dumper (serializesstyles: { '!!null': 'empty' }
as "`foo: `"), #570.{ foo: null }
. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •@dependabot rebase
will rebase this PR •@dependabot rebase
will recreate this PR, overwriting any edits that have been made to it •@dependabot recreate
will merge this PR after your CI passes on it •@dependabot merge
will squash and merge this PR after your CI passes on it •@dependabot squash and merge
will cancel a previously requested merge and block automerging •@dependabot cancel merge
will reopen this PR if it is closed •@dependabot reopen
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •@dependabot close
will show all of the ignore conditions of the specified dependency •@dependabot show <dependency name> ignore conditions
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-js@dependabot ignore this dependency - g
GitHub
11/19/2025, 5:49 PM#448 chore(deps): update dependency lint-staged to v16.2.7 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------------------ | ------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [lint-staged](https://redirect.github.com/lint-staged/lint-staged) | [16.2.6 -> 16.2.7](https://renovatebot.com/diffs/npm/lint-staged/16.2.6/16.2.7) | [[age](https://camo.githubusercontent.com/b6f8853adb80df4e1afc7d8720f53cb277d9edb4802764506e01467e016a8744/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f6c696e742d7374616765642f31362e322e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/436fee5b65b38f4b94211e65ec2f56d4df5dcf3f1f59030f28daf63a93af1255/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f6c696e742d7374616765642f31362e322e362f31362e322e373f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes lint-staged/lint-staged (lint-staged) ### `v16.2.7` Compare Source ##### Patch Changes • #1711 `ef74c8d` Thanks @iiroj! - Do not display a "_failed to spawn_" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact- 1
- 1
- g
GitHub
11/19/2025, 5:49 PM#449 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact- 1
- 1
- g
GitHub
11/19/2025, 6:16 PM#1611 Update to latest @pact-foundation/pact-core Issue created by mcalthrop Could you please create a new release that updates the version of
? It contains this fix: pact-foundation/pact-js-core#729. Current version:@pact-foundation/pact-core
Fixed version:17.0.0
many thanks Matt pact-foundation/pact-js17.0.1- 1
- 1
- g
GitHub
11/19/2025, 9:14 PM1 new commit pushed to
by renovate[bot]<https://github.com/pact-foundation/jest-pact/tree/master|master>
- chore(deps): update dependency lint-staged to v16.2.7 (#448) pact-foundation/jest-pact<https://github.com/pact-foundation/jest-pact/commit/89f49b85ebe397379a8ae48f45c2577238ebe203|89f49b85> - g
GitHub
11/20/2025, 12:33 AM1 new commit pushed to
by renovate[bot]<https://github.com/pact-foundation/jest-pact/tree/master|master>
- chore(deps): update dependency rimraf to v6.1.2 (#449) pact-foundation/jest-pact<https://github.com/pact-foundation/jest-pact/commit/2985ece8dbba160e18517e47807ecfcb541cf671|2985ece8> - g
GitHub
11/20/2025, 5:06 PM#1612 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js- 1
- 1
- g
GitHub
11/20/2025, 6:01 PM#766 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/20/2025, 6:44 PM#450 chore(deps): update actions/checkout action to v6 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | | ---------------------------------------------------------------- | ------ | ------ | -------- | | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | v5 -> v6 | --- ### Release Notes actions/checkout (actions/checkout) ### `v6` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact - g
GitHub
11/20/2025, 9:37 PM#1613 chore(deps): bump js-yaml and mocha in /examples/v2/typescript Pull request opened by dependabot[bot] Bumps js-yaml and mocha. These dependencies needed to be updated together. Updates
from 3.14.1 to 3.14.2 Changelog Sourced from js-yaml's changelog.js-yaml## [3.14.2] - 2025-11-15
### Security
• Backported v4.1.1 fix to v3
## [4.1.1] - 2025-11-12
### Security
• Fix prototype pollution issue in yaml merge (<<) operator.
## [4.1.0] - 2021-04-15
### Added
• Types are now exported as
.<http://yaml.types.XXX|yaml.types.XXX>• Every type now has
property with original arguments kept as they were (seeoptions
as an example).yaml.types.int.options### Changed
•
now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered asSchema.extend()
instead ofabcd
).cbad## [4.0.0] - 2021-01-03
### Changed
• Check migration guide to see details for all breaking changes.
• Breaking: "unsafe" tags
,!!js/function
,!!js/regexp
are moved to js-yaml-js-types package.!!js/undefined• Breaking: removed
functions. Usesafe*
,load
, `dump`instead which are all now safe by default.loadAll•
andyaml.DEFAULT_SAFE_SCHEMA
are removed, use`yaml.DEFAULT_SCHEMA` instead.yaml.DEFAULT_FULL_SCHEMA•
is removed, useyaml.Schema.create(schema, tags)
instead.schema.extend(tags)•
now always mapped to!!binary
on load.Uint8Array• Reduced nesting of
folder./lib• Parse numbers according to YAML 1.2 instead of YAML 1.1 (
is now decimal,01234
is octal,0o1234
is parsed as string instead of base60).1:23•
no longer quotesdump()
,:
,[
,]
,(
except when necessary, #470, #557.)• Line and column in exceptions are now formatted as
instead of`at line X, column Y` (also present in compact format), #332.(X:Y)• Code snippet created in exceptions now contains multiple lines with line numbers.
•
now serializesdump()
asundefined
in collections and removes keys with`undefined` in mappings, #571.null•
withdump()
now serializes invalid items in collections as null.skipInvalid=true• Custom tags starting with
are now dumped as!
instead of!tag
, #576.!<!tag>• Custom tags starting with
are now shorthanded usingtag:<http://yaml.org|yaml.org>,2002:
, #258.!!### Added
• Added
(es modules) support..mjs• Added
andquotingType
options for dumper to configure string literal style, #290, #529.forceQuotes• Added
... (truncated) Commits • `9963d36` 3.14.2 released • `10d3c8e` dist rebuild • `5278870` fix prototype pollution in merge (<<) (#731) • See full diff in compare view Updates
option for dumper (serializesstyles: { '!!null': 'empty' }
as "`foo: `"), #570.{ foo: null }
from 10.0.0 to 10.8.2 Release notes Sourced from mocha's releases.mocha## v10.8.2
## 10.8.2 (2024-10-30)
### 🩹 Fixes
• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)
### 📚 Documentation
• indicate 'exports' interface does not work in browsers (#5181) (14e640e)
### 🧹 Chores
• fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)
### 🤖 Automation
• deps: bump the github-actions group with 1 update (#5132) (e536ab2)
## v10.8.1
## 10.8.1 (2024-10-29)
### 🩹 Fixes
• handle case of invalid package.json with no explicit config (#5198) (f72bc17)
• Typos on mochajs.org (#5237) (d8ca270)
• use accurate test links in HTML reporter (#5228) (68803b6)
## v10.8.0
## 10.8.0 (2024-10-29)
### 🌟 Features
• highlight browser failures (#5222) (8ff4845)
### 🩹 Fixes
• remove
from:is()
to support older browsers (#5225) (#5227) (0a24b58)mocha.css### 📚 Documentation
... (truncated) Changelog Sourced from mocha's changelog.## 10.8.2 (2024-10-30)
### 🩹 Fixes
• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)
### 📚 Documentation
• indicate 'exports' interface does not work in browsers (#5181) (14e640e)
### :…
pact-foundation/pact-js - g
GitHub
11/21/2025, 1:10 PM#1614 Pact error messages for arrayContaining matcher are hard to decipher Issue created by mcalthrop I’m finding that error messages on Pact consumer failure (when using the
matcher) are not very helpful at pinpointing what part of the data is incorrect. The only error message is that the entry we're looking for wasn't found. For example:arrayContainingCopy code
When I'm looking at that message, I have no idea what part of it is incorrect. In my context, this is a test that used to work, but is now failing – which indicates that it's likely something small that has changed on the provider (it turned out to be different casing for one of the data keys). Testing libraries like Jest & Vitest have a useful way of showing the diffs of expected versus actual, so it would be really useful to have something like that. I realise this is likely quite challenging with theVariant at index 0 ({"attributes":{"createdAt":"2025-11-19T08:37:43.937Z","someProperty":{"image":{"alt":"Some alt text","url":"<https://example.com?some-image.jpg>"},"otherUrl":"<https://example.com?some-image.jpg>"},"payload":{"payload":{"someProperty":{"alt":"Some alt text","otherUrl":"<https://example.com?some-image.jpg>","url":"<https://example.com?some-image.jpg>"},"ctaTitleOverride":"some text","titleOverride":"some text","welcomeMessage":"Welcome!"},"type":"some-type"},"publishedAt":"2025-11-19T08:37:43.937Z","levels":["high"],"type":"some-type"},"id":"some-uuid","type":"another-type"}) was not found in the actual list
matcher, but it would make a massive difference in tracking down the error. pact-foundation/pact-jsarrayContaining - g
GitHub
11/25/2025, 3:03 PM#767 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/25/2025, 3:03 PM#768 chore(deps): update dependency @snyk/protect to v1.1301.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ------------------------------------------------------ | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@snyk/protect](https://redirect.github.com/snyk/snyk) | [1.1300.2 -> 1.1301.0](https://renovatebot.com/diffs/npm/@snyk%2fprotect/1.1300.2/1.1301.0) | [[age](https://camo.githubusercontent.com/4d30207c4cccb7f642a04f3751b48edbd8d766ae8d37da0b840336e7b5ec3396/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40736e796b25326670726f746563742f312e313330312e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/f2f5a780d5517d26f68349337baddd8a6b8c9b825fdeed210a46252ae10df10a/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40736e796b25326670726f746563742f312e313330302e322f312e313330312e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes snyk/snyk (@snyk/protect) ### `v1.1301.0` Compare Source The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation ##### Features • container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757) • container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42) • container: Added a new parameter,
, to support scanning of usr/lib JARs (57078b6) • test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e) • test(maven): A new experimental flag--include-system-jars
that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a) • sbom(maven): A new experimental flag--include-provenance
that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a) • language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e) • language-server: Analytics for configuration and folder trust (2cc554e) • mcp: Support for writing scan output into a file (2cc554e) • mcp: Service Account support (2cc554e) ##### Bug Fixes • general: Fix incorrect error mapping for varying status codes (5829500) • general: Some invalid flag combinations are now correctly handled (ca5903b) • test: The Snyk CLI now correctly handles optional dependencies without separate package entries (bfcbda7) • test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7) • test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7) • test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c) • test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f) • test(npm): Improve npm alias support (cb37da7) • test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86) • test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f) • test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f) • test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86) • test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c) • test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4) • container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6) • container: Fix rare crash when scan… pact-foundation/pact-js-core--include-provenance- 1
- 1
- g
GitHub
11/25/2025, 3:09 PM#1615 chore(deps): update dependency rimraf to v6.1.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | --------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [rimraf](https://redirect.github.com/isaacs/rimraf) | [6.1.0 -> 6.1.2](https://renovatebot.com/diffs/npm/rimraf/6.1.0/6.1.2) | [[age](https://camo.githubusercontent.com/b8bfb39e06e097c61623030ceab16edf2290421d521d833febeeb2133e1542e5/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f72696d7261662f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/d2babd59bc2ff27f4eba765747d3ca6a9c2a8d7d4f1563dd1dae3677eeccf526/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f72696d7261662f362e312e302f362e312e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes isaacs/rimraf (rimraf) ### `v6.1.2` Compare Source ### `v6.1.1` Compare Source --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js - g
GitHub
11/25/2025, 6:31 PM#1616 chore(deps): update dependency body-parser to v2.2.1 [security] Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [body-parser](https://redirect.github.com/expressjs/body-parser) | [2.2.0 -> 2.2.1](https://renovatebot.com/diffs/npm/body-parser/2.2.0/2.2.1) | [[age](https://camo.githubusercontent.com/9f2250a71a7eb5c4c4f980b168e4e667520c1cf53c5e446a8d000ecce1be21dd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f626f64792d7061727365722f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/b1ec0dace9b46fd366df4775fd8b603041e0ed7c919d1ab0e4f7b064c0bd5a02/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f626f64792d7061727365722f322e322e302f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### CVE-2025-13466 ### Impact body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic. ### Patches This issue is addressed in version 2.2.1. --- ### Release Notes expressjs/body-parser (body-parser) ### `v2.2.1` Compare Source ========================= • Security fix for GHSA-wqch-xfxh-vrr4 • deps: • type-is@^2.0.1 • iconv-lite@^0.7.0 • Handle split surrogate pairs when encoding UTF-8 • Avoid false positives in
by using prototype-less objects • raw-body@^3.0.1 • debug@^4.4.3 --- ### Configuration 📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-jsencodingExists - g
GitHub
11/25/2025, 6:31 PM#1617 chore(deps): update dependency @types/lodash to v4.17.21 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@types/lodash](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash)) | [4.17.20 -> 4.17.21](https://renovatebot.com/diffs/npm/@types%2flodash/4.17.20/4.17.21) | [[age](https://camo.githubusercontent.com/e49acd784e7e5e87d18c800807a666ea84354744661e61b493e064a3d2d70be3/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f4074797065732532666c6f646173682f342e31372e32313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6061ec38351d568d92fe0fb6de330108150b058561ee90057a3d7c72ef17e268/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f4074797065732532666c6f646173682f342e31372e32302f342e31372e32313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js - g
GitHub
11/27/2025, 9:00 AM#451 chore(deps): update dependency prettier to v3.7.1 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [prettier](https://prettier.io) ([source](https://redirect.github.com/prettier/prettier)) | [3.6.2 -> 3.7.1](https://renovatebot.com/diffs/npm/prettier/3.6.2/3.7.1) | [[age](https://camo.githubusercontent.com/307168500adedad4fce6ac8b0de5771eba56d81659fcaa4c0c2a2d89922aacfd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f70726574746965722f332e372e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/0833e577b8e0a0e3cb9f6325ce2cc33e9ba6ee86a7cbfb0bd4b40e50dabe159f/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f70726574746965722f332e362e322f332e372e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes prettier/prettier (prettier) ### `v3.7.1` Compare Source diff ##### API: Fix performance regression in doc printer (#18342 by @fisker) Prettier 3.7.1 can be very slow when formatting big files, the regression has been fixed. ### `v3.7.0` Compare Source diff 🔗 Release Notes --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact- 1
- 1
- g
GitHub
11/27/2025, 5:57 PM1 new commit pushed to
by renovate[bot]<https://github.com/pact-foundation/jest-pact/tree/master|master>
- chore(deps): update dependency prettier to v3.7.1 (#451) pact-foundation/jest-pact<https://github.com/pact-foundation/jest-pact/commit/daa7a4ac0f977505f3165521ceb1c4c6416ebead|daa7a4ac> - g
GitHub
11/27/2025, 6:10 PM#769 chore(deps): update typescript-eslint monorepo to v8.48.0 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [@typescript-eslint/eslint-plugin](https://typescript-eslint.io/packages/eslint-plugin) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/6367a07fa85bc8a88b439e7cc780e123e61b4bfce04e42dab32e4ec9eca75ea8/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/e5db376a7fdd9637422940efd08f230e20190c322e4d43a8755c3d42b57e0307/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e7425326665736c696e742d706c7567696e2f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/d1f457ff4c2903d2cf36a41d42baf4faa8976a5327fc1886fd68f428fa9c9cf7/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/6a492221ae5ae8daca2468c6e74eea2e8b4091065bc615eb3b9137f83e2ae442/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f40747970657363726970742d65736c696e742532667061727365722f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | | [typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint) ([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)) | [8.47.0 -> 8.48.0](https://renovatebot.com/diffs/npm/typescript-eslint/8.47.0/8.48.0) | [[age](https://camo.githubusercontent.com/81f471516bce0133c5fe933bc8a07fe52eb1138a9f8bd835e7dcb2bf0f0a4555/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f747970657363726970742d65736c696e742f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/93505609be94e7e67f6ed5d8b3fc205fbc07f02efbc398d39fc80304a1463ffc/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f747970657363726970742d65736c696e742f382e34372e302f382e34382e303f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes typescript-eslint/typescript-eslint (@typescript-eslint/eslint-plugin) ### `v8.48.0` Compare Source ##### 🚀 Features • eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744) ##### 🩹 Fixes • typescript-estree: disallow binding patterns in parameter properties (#11760) • eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477) ##### ❤️ Thank You • Dima Barabash @dbarabashh • JamesHenry @JamesHenry • Josh Goldberg • mdm317 @gen-ip-1 You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (@typescript-eslint/parser) ### `v8.48.0` Compare Source This was a version bump only for parser to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. typescript-eslint/typescript-eslint (typescript-eslint) ### `v8.48.0` Compare Source This was a version bump only for typescript-eslint to align it with other projects, there were no code changes. You can read about our versioning strategy and releases on our website. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge… pact-foundation/pact-js-core- 1
- 1
- g
GitHub
11/27/2025, 9:50 PM#770 chore(deps): update dependency body-parser to v2.2.1 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ---------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [body-parser](https://redirect.github.com/expressjs/body-parser) | [2.2.0 -> 2.2.1](https://renovatebot.com/diffs/npm/body-parser/2.2.0/2.2.1) | [[age](https://camo.githubusercontent.com/9f2250a71a7eb5c4c4f980b168e4e667520c1cf53c5e446a8d000ecce1be21dd/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f626f64792d7061727365722f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/b1ec0dace9b46fd366df4775fd8b603041e0ed7c919d1ab0e4f7b064c0bd5a02/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f626f64792d7061727365722f322e322e302f322e322e313f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes expressjs/body-parser (body-parser) ### `v2.2.1` Compare Source ========================= • Security fix for GHSA-wqch-xfxh-vrr4 • deps: • type-is@^2.0.1 • iconv-lite@^0.7.0 • Handle split surrogate pairs when encoding UTF-8 • Avoid false positives in
by using prototype-less objects • raw-body@^3.0.1 • debug@^4.4.3 --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/pact-js-coreencodingExists - g
GitHub
11/28/2025, 10:06 PM#452 chore(deps): update dependency prettier to v3.7.2 Pull request opened by renovate[bot] This PR contains the following updates: | Package | Change | Age | Confidence | | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [prettier](https://prettier.io) ([source](https://redirect.github.com/prettier/prettier)) | [3.7.1 -> 3.7.2](https://renovatebot.com/diffs/npm/prettier/3.7.1/3.7.2) | [[age](https://camo.githubusercontent.com/f659d3a636f43bb52b1a30650aaff848012161760a621908f5007b54e268e638/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f6167652f6e706d2f70726574746965722f332e372e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | [[confidence](https://camo.githubusercontent.com/a10778b81a37f88c401435f645ed96a4a2b849f9f38382e973850a63c04fe139/68747470733a2f2f646576656c6f7065722e6d656e642e696f2f6170692f6d632f6261646765732f636f6e666964656e63652f6e706d2f70726574746965722f332e372e312f332e372e323f736c696d3d74727565)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes prettier/prettier (prettier) ### `v3.7.2` Compare Source diff ##### JavaScript: Fix string print when switching quotes (#18351 by @fisker) // Input console.log("A descriptor\\'s .kind must be \"method\" or \"field\".") // Prettier 3.7.1 console.log('A descriptor\\'s .kind must be "method" or "field".'); // Prettier 3.7.2 console.log('A descriptor\\\'s .kind must be "method" or "field".'); ##### JavaScript: Preserve quote for embedded HTML attribute values (#18352 by @kovsu) // Input const html = /* HTML */ ` <div class="${styles.banner}"></div>Copy code
<div class=${styles.banner}></div>; // Prettier 3.7.1 const html = /* HTML */Copy code
<div class="${styles.banner}"></div> `; ##### TypeScript: Fix comment in empty type literal (#18364 by @fisker) // Input export type XXX = { // tbd }; // Prettier 3.7.1 export type XXX = { // tbd }; // Prettier 3.7.2 export type XXX = { // tbd }; --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- • If you want to rebase/retry this PR, check this box --- This PR was generated by Mend Renovate. View the repository job log. pact-foundation/jest-pact; // Prettier 3.7.2 const html = /* HTML */