build(deps): bump the patch group across 1 directory with 4 updates #549

dependabot · 2025-11-01T20:04:21Z

Bumps the patch group with 4 updates in the / directory: color, dayjs, validator and @mdx-js/react.

Updates color from 5.0.0 to 5.0.2

Release notes

Sourced from color's releases.

5.0.2

Functionally identical release to 5.0.0.

Version 5.0.1 is compromised. Please see debug-js/debug#1005.

Commits

02a615f 5.0.2
See full diff in compare view

Updates dayjs from 1.11.13 to 1.11.19

Release notes

Sourced from dayjs's releases.

v1.11.19

1.11.19 (2025-10-31)

Bug Fixes

added usage warnings for diff + updated unit tests (#2948) (269a7a9)

dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)

replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)

Updated Belarusian locale with relative time (#2656) (1d8746c)

v1.11.18

1.11.18 (2025-08-30)

Bug Fixes

error semantic-release dependency (8cfb313)

v1.11.17

1.11.17 (2025-08-29)

Bug Fixes

[en-AU] locale use the same ordinal as moment (#2878) (1b95ecd)

v1.11.16

1.11.16 (2025-08-29)

Bug Fixes

test release workflow (no code changes) (c38c428)

v1.11.15

1.11.15 (2025-08-28)

Bug Fixes

Fix misspellings in Irish or Irish Gaelic [ga] (#2861) (9c14a42)

v1.11.14

1.11.14 (2025-08-27)

Bug Fixes

.utcOffset(0, true) result and its clone are different bug (#2505) (fefdcd4)

Changelog

Sourced from dayjs's changelog.

1.11.19 (2025-10-31)

Bug Fixes

added usage warnings for diff + updated unit tests (#2948) (269a7a9)

dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)

replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)

Updated Belarusian locale with relative time (#2656) (1d8746c)

1.11.18 (2025-08-30)

Bug Fixes

error semantic-release dependency (8cfb313)

1.11.17 (2025-08-29)

Bug Fixes

[en-AU] locale use the same ordinal as moment (#2878) (1b95ecd)

1.11.16 (2025-08-29)

Bug Fixes

test release workflow (no code changes) (c38c428)

1.11.15 (2025-08-28)

Bug Fixes

Fix misspellings in Irish or Irish Gaelic [ga] (#2861) (9c14a42)

1.11.14 (2025-08-27)

Bug Fixes

.utcOffset(0, true) result and its clone are different bug (#2505) (fefdcd4)

Commits

02b7a5c chore(release): 1.11.19 [skip ci]
37193be Merge pull request #2950 from iamkun/dev
2db920b chore: update doc
4f72974 chore: update doc
0b36a07 chore: update doc
269a7a9 fix: added usage warnings for diff + updated unit tests (#2948)
9e3132e chore: update doc
84201e6 chore: update doc
80401e3 chore: update readme
88ad3fd test: Add unit test for Belarusian locale (#2934)
Additional commits viewable in compare view

Updates validator from 13.15.15 to 13.15.20

Release notes

Sourced from validator's releases.

13.15.20

Fixes, New Locales and Enhancements

#2556 isMobilePhone: add ar-QA locale @WardKhaddour

#2576 isAlpha/isAlphanuneric: add Indic locales (ta-IN, te-IN, kn-IN, ml-IN, gu-IN, pa-IN, or-IN) @avadootharajesh

#2574 isBase64: improve padding regex @KrayzeeKev

#2584 isVAT: improve FR locale @iamAmer

#2608 isURL: improve protocol detection. Resolves CVE-2025-56200 @theofidry

Doc fixes and others:

#2563 @stoneLeaf

#2581 @camillobruni

New Contributors

@stoneLeaf made their first contribution in validatorjs/validator.js#2563

@WardKhaddour made their first contribution in validatorjs/validator.js#2556

@avadootharajesh made their first contribution in validatorjs/validator.js#2576

@KrayzeeKev made their first contribution in validatorjs/validator.js#2574

@iamAmer made their first contribution in validatorjs/validator.js#2584

@camillobruni made their first contribution in validatorjs/validator.js#2581

@theofidry made their first contribution in validatorjs/validator.js#2608

Full Changelog: validatorjs/validator.js@13.15.15...13.15.20

Changelog

Sourced from validator's changelog.

13.15.20

Fixes, New Locales and Enhancements

#2556 isMobilePhone: add ar-QA locale @WardKhaddour

#2576 isAlpha/isAlphanuneric: add Indic locales (ta-IN, te-IN, kn-IN, ml-IN, gu-IN, pa-IN, or-IN) @avadootharajesh

#2574 isBase64: improve padding regex @KrayzeeKev

#2584 isVAT: improve FR locale @iamAmer

#2608 isURL: improve protocol detection. Resolves CVE-2025-56200 @theofidry

Doc fixes and others:

#2563 @stoneLeaf

#2581 @camillobruni

Commits

30d4fe0 13.15.20
cbef508 fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (#2608)
6f436be Fix typo in validators.test.js (#2581)
3c85708 Fix: correct French VAT (FR) validation regex and add tests (#2584)
eee525c #2491 #2573 Simplify isBase64 to prevent stack overflow (#2574)
abcc8ec feat(isAlpha, isAlphanumeric): add support for Indic locales (ta-IN, te-IN, k...
72573b3 Add Qatar phone number validation (#2556)
243f6c5 docs(isMACAddress): improve ambiguous option description (#2563)
See full diff in compare view

Updates @mdx-js/react from 3.1.0 to 3.1.1

Release notes

Sourced from @mdx-js/react's releases.

3.1.1

Fix

3cad7d7e @mdx-js/mdx: add dependency on acorn

0dc4472f @mdx-js/esbuild: fix crash with esbuild loader and jsx option by @egnor in mdx-js/mdx#2593

84ec66ef @mdx-js/esbuild: refactor to improve error conversion in esbuild by @egnor in mdx-js/mdx#2595

2b3381a8 @mdx-js/rollup: fix support for query parameters in Vite by @markdalgleish in mdx-js/mdx#2629

Types

933ab444 @mdx-js/mdx: add attributes to export/import declarations

Docs

c156a1f6 Add rehype-mdx-toc to list of plugin by @boning-w in mdx-js/mdx#2622

913659c8 Add recma-module-to-function to list of plugins by @remcohaszing in mdx-js/mdx#2605

67fb1d07 Remove unneeded JSX type casting in docs, tests

f0d20da8 Remove local use of JSX by @remcohaszing in mdx-js/mdx#2604

63f39cea Remove references to twitter

35ac59dd Refactor some docs regarding recma plugins

Full Changelog: mdx-js/mdx@3.1.0...3.1.1

Commits

50aa8df 3.1.1
67fb1d0 Remove unneeded JSX type casting in docs, tests
f0d20da Remove local use of JSX
e587c8c Update remark-preset-wooorm
See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps the patch group with 4 updates in the / directory: [color](https://github.com/Qix-/color), [dayjs](https://github.com/iamkun/dayjs), [validator](https://github.com/validatorjs/validator.js) and [@mdx-js/react](https://github.com/mdx-js/mdx/tree/HEAD/packages/react). Updates `color` from 5.0.0 to 5.0.2 - [Release notes](https://github.com/Qix-/color/releases) - [Commits](Qix-/color@5.0.0...5.0.2) Updates `dayjs` from 1.11.13 to 1.11.19 - [Release notes](https://github.com/iamkun/dayjs/releases) - [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md) - [Commits](iamkun/dayjs@v1.11.13...v1.11.19) Updates `validator` from 13.15.15 to 13.15.20 - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](validatorjs/validator.js@13.15.15...13.15.20) Updates `@mdx-js/react` from 3.1.0 to 3.1.1 - [Release notes](https://github.com/mdx-js/mdx/releases) - [Changelog](https://github.com/mdx-js/mdx/blob/main/changelog.md) - [Commits](https://github.com/mdx-js/mdx/commits/3.1.1/packages/react) --- updated-dependencies: - dependency-name: color dependency-version: 5.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: dayjs dependency-version: 1.11.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: validator dependency-version: 13.15.20 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: "@mdx-js/react" dependency-version: 3.1.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-01-01T20:03:46Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Nov 1, 2025

dependabot bot closed this Jan 1, 2026

dependabot bot deleted the dependabot/npm_and_yarn/patch-0de9d5288e branch January 1, 2026 20:03

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the patch group across 1 directory with 4 updates #549

build(deps): bump the patch group across 1 directory with 4 updates #549

Uh oh!

dependabot bot commented on behalf of github Nov 1, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build(deps): bump the patch group across 1 directory with 4 updates #549

build(deps): bump the patch group across 1 directory with 4 updates #549

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

5.0.2

v1.11.19

1.11.19 (2025-10-31)

Bug Fixes

v1.11.18

1.11.18 (2025-08-30)

Bug Fixes

v1.11.17

1.11.17 (2025-08-29)

Bug Fixes

v1.11.16

1.11.16 (2025-08-29)

Bug Fixes

v1.11.15

1.11.15 (2025-08-28)

Bug Fixes

v1.11.14

1.11.14 (2025-08-27)

Bug Fixes

1.11.19 (2025-10-31)

Bug Fixes

1.11.18 (2025-08-30)

Bug Fixes

1.11.17 (2025-08-29)

Bug Fixes

1.11.16 (2025-08-29)

Bug Fixes

1.11.15 (2025-08-28)

Bug Fixes

1.11.14 (2025-08-27)

Bug Fixes

13.15.20

Fixes, New Locales and Enhancements

New Contributors

13.15.20

Fixes, New Locales and Enhancements

3.1.1

Fix

Types

Docs

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Nov 1, 2025 •

edited

Loading