Skip to content

Bump the npm_and_yarn group across 3 directories with 5 updates #479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 3 directories with 5 updates #479

dependabot wants to merge 1 commit into from
+91 −140

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 13, 2026

Bumps the npm_and_yarn group with 3 updates in the /renderers/angular directory: @angular/compiler, qs and systeminformation.
Bumps the npm_and_yarn group with 3 updates in the /samples/client/angular directory: @angular/compiler, qs and systeminformation.
Bumps the npm_and_yarn group with 2 updates in the /specification/v0_8/eval directory: jws and node-forge.

Updates @angular/compiler from 21.0.3 to 21.0.8

Release notes

Sourced from @​angular/compiler's releases.

21.0.8

core

Commit Description
fix - a6a2621bf9 fix memory leak with event replay
fix - 5239e471a1 handle cancelled traversals in fake navigation

21.0.7

compiler

Commit Description
fix - 8e808740c9 better types for a few expression AST nodes
fix - 63b1cdcf70 produce accurate span for typeof and void expressions
fix - 3c3ae0cb64 provide location information for literal map keys
fix - 523dbaf1c3 stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit Description
fix - 4d9c4567ed ensure component import diagnostics are reported within the imports expression
fix - cd405685af fix up spelling of diagnostic
fix - 778460fcca support qualified names in typeof type references

core

Commit Description
fix - 7c74674eb0 avoid leaking view data in animations
fix - 0edbee4550 explicitly cast signal node value to String
fix - f9c29572d2 sanitize sensitive attributes on SVG script elements

forms

Commit Description
feat - e3fba182f9 add [formField] directive
fix - 561772b152 allow custom controls to require dirty input
fix - f0fb1d8581 allow custom controls to require hidden input
fix - ec110f170b allow custom controls to require pending input
fix - ae1dc16bb0 clean up abort listener after timeout
fix - 9748b0d5da support custom controls with non signal-based models
fix - 6bd22df987 Support readonly arrays in signal forms

router

Commit Description
fix - 41cd4a6af8 Fix RouterLink href not updating with queryParamsHandling
fix - 5e9e09aee0 handle errors from view transition updateCallbackDone promise

21.0.6

core

Commit Description
fix - 4c8fb3631d throw better errors for potential circular references
fix - 48492524ea use mutable ResponseInit type for RESPONSE_INIT token

forms

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

21.0.8 (2026-01-08)

core

Commit Type Description
a6a2621bf9 fix fix memory leak with event replay
5239e471a1 fix handle cancelled traversals in fake navigation

20.3.16 (2026-01-07)

core

Commit Type Description
c2c2b4aaa8 fix sanitize sensitive attributes on SVG script elements

19.2.18 (2026-01-07)

core

Commit Type Description
26cdc53d9c fix sanitize sensitive attributes on SVG script elements

21.0.7 (2026-01-07)

compiler

Commit Type Description
8e808740c9 fix better types for a few expression AST nodes
63b1cdcf70 fix produce accurate span for typeof and void expressions
3c3ae0cb64 fix provide location information for literal map keys
523dbaf1c3 fix stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit Type Description
4d9c4567ed fix ensure component import diagnostics are reported within the imports expression
cd405685af fix fix up spelling of diagnostic
778460fcca fix support qualified names in typeof type references

core

Commit Type Description
7c74674eb0 fix avoid leaking view data in animations
0edbee4550 fix explicitly cast signal node value to String
f9c29572d2 fix sanitize sensitive attributes on SVG script elements

forms

| Commit | Type | Description |

... (truncated)

Commits
  • fbb37d8 refactor(core): remove unused instruction parameter
  • 63b1cdc fix(compiler): produce accurate span for typeof and void expressions
  • e3fba18 feat(forms): add [formField] directive
  • 8e80874 fix(compiler): better types for a few expression AST nodes
  • f9c2957 fix(core): sanitize sensitive attributes on SVG script elements
  • 523dbaf fix(compiler): stop ThisReceiver inheritance from ImplicitReceiver
  • 3c3ae0c fix(compiler): provide location information for literal map keys
  • feed89e ci: reformat files
  • 31b9090 refactor(compiler): remove unnecessary sanitization for safe attributes
  • 534b1b5 Revert "refactor(compiler): remove unnecessary sanitization for safe attributes"
  • Additional commits viewable in compare view

Updates qs from 6.14.0 to 6.14.1

Changelog

Sourced from qs's changelog.

6.14.1

  • [Fix] ensure arrayLength applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect
Commits
  • 3fa11a5 v6.14.1
  • a626704 [Dev Deps] update npmignore
  • 3086902 [Fix] ensure arrayLength applies to [] notation as well
  • fc7930e [Dev Deps] update eslint, @ljharb/eslint-config
  • 0b06aac [Dev Deps] update @ljharb/eslint-config
  • 64951f6 [Refactor] parse: extract key segment splitting helper
  • e1bd259 [Dev Deps] update @ljharb/eslint-config
  • f4b3d39 [eslint] add eslint 9 optional peer dep
  • 6e94d95 [Dev Deps] update eslint, @ljharb/eslint-config, npmignore
  • 973dc3c [actions] add workflow permissions
  • Additional commits viewable in compare view

Updates systeminformation from 5.27.7 to 5.30.3

Release notes

Sourced from systeminformation's releases.

v5.30.3

Full Changelog: sebhildebrandt/systeminformation@v5.30.2...v5.30.3

v5.30.2

Full Changelog: sebhildebrandt/systeminformation@v5.30.1...v5.30.2

v5.30.1

Full Changelog: sebhildebrandt/systeminformation@v5.30.0...v5.30.1

v5.30.0

Full Changelog: sebhildebrandt/systeminformation@v5.29.1...v5.30.0

v5.29.1

Full Changelog: sebhildebrandt/systeminformation@v5.29.0...v5.29.1

v5.29.0

Full Changelog: sebhildebrandt/systeminformation@v5.28.10...v5.29.0

Changelog

Sourced from systeminformation's changelog.

Changelog

Major Changes - Version 5

New Functions

  • audio() detailed audio information
  • bluetoothDevices() detailed information detected bluetooth devices
  • dockerImages() detailed information docker images
  • dockerVolumes() detailed information docker volumes
  • printers() detailed printer information
  • usb() detailed USB information
  • wifiInterfaces() detected Wi-Fi interfaces
  • wifiConnections() active Wi-Fi connections

Breaking Changes

Be aware, that the new version 5.x is NOT fully backward compatible to version 4.x ...

We had to make several interface changes to keep systeminformation as consistent as possible. We highly recommend to go through the complete list and adapt your own code to be again compatible to the new version 5.

Function Old New (V5) Comments
unsupported values -1 null values which are unknown orunsupported on platform
battery() hasbatterycyclecountischargingdesignedcapacitymaxcapacityacconnectedtimeremaining hasBatterycycleCountisChargingdesignedCapacitymaxCapacityacConnectedtimeRemaining pascalCase conformity
blockDevices() fstype fsType pascalCase conformity
cpu() speedminspeedmax speedMinspeedMax pascalCase conformity
cpu().speedcpu().speedMincpu().speedMax string values now returningnumerical values better value handling
cpuCurrentspeed() cpuCurrentSpeed() function name changedpascalCase conformity
currentLoad() avgloadcurrentloadcurrentload_usercurrentload_systemcurrentload_nicecurrentload_idlecurrentload_irqraw_currentload avgLoadcurrentLoadcurrentLoadUsercurrentLoadSystemcurrentLoadNicecurrentLoadIdlecurrentLoadIrqrawCurrentLoad pascalCase conformity
dockerContainerStats() mem_usagemem_limitmem_percentcpu_percentcpu_statsprecpu_statsmemory_stats memUsagememLimitmemPercentcpuPercentcpuStatsprecpuStatsmemoryStats pascalCase conformity
dockerContainerProcesses() pid_host pidHost pascalCase conformity
graphics().display pixeldepthresolutionxresolutionysizexsizey pixelDepthresolutionXresolutionYsizeXsizeY pascalCase conformity
networkConnections() localaddresslocalportpeeraddresspeerport localAddresslocalPortpeerAddresspeerPort pascalCase conformity
networkInterfaces() carrier_changes carrierChanges pascalCase conformity
processes() mem_vszmem_rsspcpupcpuupcpuspmem memVszmemRsscpucpuucpusmem pascalCase conformityrenamed attributes
processLoad() result as object result as array of objects function now allows to provide more thanone process (as a comma separated list)
services() pcpupmem cpumem renamed attributes
vbox() HPETPAEAPICX2APICACPIIOAPICbiosAPICmodeTRC hpetpaeapicx2ApicacpiioApicbiosApicModertc pascalCase conformity

Other Improvements and Changes

  • baseboard(): added memMax, memSlots
  • bios(): added language and features (linux)
  • blockDevices() added raid group member (linux)
  • cpu(): extended AMD processor list

... (truncated)

Commits

Updates @angular/compiler from 21.0.3 to 21.0.7

Release notes

Sourced from @​angular/compiler's releases.

21.0.8

core

Commit Description
fix - a6a2621bf9 fix memory leak with event replay
fix - 5239e471a1 handle cancelled traversals in fake navigation

21.0.7

compiler

Commit Description
fix - 8e808740c9 better types for a few expression AST nodes
fix - 63b1cdcf70 produce accurate span for typeof and void expressions
fix - 3c3ae0cb64 provide location information for literal map keys
fix - 523dbaf1c3 stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit Description
fix - 4d9c4567ed ensure component import diagnostics are reported within the imports expression
fix - cd405685af fix up spelling of diagnostic
fix - 778460fcca support qualified names in typeof type references

core

Commit Description
fix - 7c74674eb0 avoid leaking view data in animations
fix - 0edbee4550 explicitly cast signal node value to String
fix - f9c29572d2 sanitize sensitive attributes on SVG script elements

forms

Commit Description
feat - e3fba182f9 add [formField] directive
fix - 561772b152 allow custom controls to require dirty input
fix - f0fb1d8581 allow custom controls to require hidden input
fix - ec110f170b allow custom controls to require pending input
fix - ae1dc16bb0 clean up abort listener after timeout
fix - 9748b0d5da support custom controls with non signal-based models
fix - 6bd22df987 Support readonly arrays in signal forms

router

Commit Description
fix - 41cd4a6af8 Fix RouterLink href not updating with queryParamsHandling
fix - 5e9e09aee0 handle errors from view transition updateCallbackDone promise

21.0.6

core

Commit Description
fix - 4c8fb3631d throw better errors for potential circular references
fix - 48492524ea use mutable ResponseInit type for RESPONSE_INIT token

forms

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

21.0.8 (2026-01-08)

core

Commit Type Description
a6a2621bf9 fix fix memory leak with event replay
5239e471a1 fix handle cancelled traversals in fake navigation

20.3.16 (2026-01-07)

core

Commit Type Description
c2c2b4aaa8 fix sanitize sensitive attributes on SVG script elements

19.2.18 (2026-01-07)

core

Commit Type Description
26cdc53d9c fix sanitize sensitive attributes on SVG script elements

21.0.7 (2026-01-07)

compiler

Commit Type Description
8e808740c9 fix better types for a few expression AST nodes
63b1cdcf70 fix produce accurate span for typeof and void expressions
3c3ae0cb64 fix provide location information for literal map keys
523dbaf1c3 fix stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit Type Description
4d9c4567ed fix ensure component import diagnostics are reported within the imports expression
cd405685af fix fix up spelling of diagnostic
778460fcca fix support qualified names in typeof type references

core

Commit Type Description
7c74674eb0 fix avoid leaking view data in animations
0edbee4550 fix explicitly cast signal node value to String
f9c29572d2 fix sanitize sensitive attributes on SVG script elements

forms

| Commit | Type | Description |

... (truncated)

Commits
  • fbb37d8 refactor(core): remove unused instruction parameter
  • 63b1cdc fix(compiler): produce accurate span for typeof and void expressions
  • e3fba18 feat(forms): add [formField] directive
  • 8e80874 fix(compiler): better types for a few expression AST nodes
  • f9c2957 fix(core): sanitize sensitive attributes on SVG script elements
  • 523dbaf fix(compiler): stop ThisReceiver inheritance from ImplicitReceiver
  • 3c3ae0c fix(compiler): provide location information for literal map keys
  • feed89e ci: reformat files
  • 31b9090 refactor(compiler): remove unnecessary sanitization for safe attributes
  • 534b1b5 Revert "refactor(compiler): remove unnecessary sanitization for safe attributes"
  • Additional commits viewable in compare view

Updates qs from 6.14.0 to 6.14.1

Changelog

Sourced from qs's changelog.

6.14.1

  • [Fix] ensure arrayLength applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect
Commits
  • 3fa11a5 v6.14.1
  • a626704 [Dev Deps] update npmignore
  • 3086902 [Fix] ensure arrayLength applies to [] notation as well
  • fc7930e [Dev Deps] update eslint, @ljharb/eslint-config
  • 0b06aac [Dev Deps] update @ljharb/eslint-config
  • 64951f6 [Refactor] parse: extract key segment splitting helper
  • e1bd259 [Dev Deps] update @ljharb/eslint-config
  • f4b3d39 [eslint] add eslint 9 optional peer dep
  • 6e94d95 [Dev Deps] update eslint, @ljharb/eslint-config, npmignore
  • 973dc3c [actions] add workflow permissions
  • Additional commits viewable in compare view

Updates systeminformation from 5.27.7 to 5.30.3

Release notes

Sourced from systeminformation's releases.

v5.30.3

Full Changelog: sebhildebrandt/systeminformation@v5.30.2...v5.30.3

v5.30.2

Full Changelog: sebhildebrandt/systeminformation@v5.30.1...v5.30.2

v5.30.1

Full Changelog: sebhildebrandt/systeminformation@v5.30.0...v5.30.1

v5.30.0

Full Changelog: sebhildebrandt/systeminformation@v5.29.1...v5.30.0

v5.29.1

Full Changelog: sebhildebrandt/systeminformation@v5.29.0...v5.29.1

v5.29.0

Full Changelog: sebhildebrandt/systeminformation@v5.28.10...v5.29.0

Changelog

Sourced from systeminformation's changelog.

Changelog

Major Changes - Version 5

New Functions

  • audio() detailed audio information
  • bluetoothDevices() detailed information detected bluetooth devices
  • dockerImages() detailed information docker images
  • dockerVolumes() detailed information docker volumes
  • printers() detailed printer information
  • usb() detailed USB information
  • wifiInterfaces() detected Wi-Fi interfaces
  • wifiConnections() active Wi-Fi connections

Breaking Changes

Be aware, that the new version 5.x is NOT fully backward compatible to version 4.x ...

We had to make several interface changes to keep systeminformation as consistent as possible. We highly recommend to go through the complete list and adapt your own code to be again compatible to the new version 5.

Function Old New (V5) Comments
unsupported values -1 null values which are unknown orunsupported on platform
battery() hasbatterycyclecountischargingdesignedcapacitymaxcapacityacconnectedtimeremaining hasBatterycycleCountisChargingdesignedCapacitymaxCapacityacConnectedtimeRemaining pascalCase conformity
blockDevices() fstype fsType pascalCase conformity
cpu() speedminspeedmax speedMinspeedMax pascalCase conformity
cpu().speedcpu().speedMincpu().speedMax string values now returningnumerical values better value handling
cpuCurrentspeed() cpuCurrentSpeed() function name changedpascalCase conformity
currentLoad() avgloadcurrentloadcurrentload_usercurrentload_systemcurrentload_nicecurrentload_idlecurrentload_irqraw_currentload avgLoadcurrentLoadcurrentLoadUsercurrentLoadSystemcurrentLoadNicecurrentLoadIdlecurrentLoadIrqrawCurrentLoad pascalCase conformity
dockerContainerStats() mem_usagemem_limitmem_percentcpu_percentcpu_statsprecpu_statsmemory_stats memUsagememLimitmemPercentcpuPercentcpuStatsprecpuStatsmemoryStats pascalCase conformity
dockerContainerProcesses() pid_host pidHost pascalCase conformity
graphics().display pixeldepthresolutionxresolutionysizexsizey pixelDepthresolutionXresolutionYsizeXsizeY pascalCase conformity
networkConnections() localaddresslocalportpeeraddresspeerport localAddresslocalPortpeerAddresspeerPort pascalCase conformity
networkInterfaces() carrier_changes carrierChanges pascalCase conformity
processes() mem_vszmem_rsspcpupcpuupcpuspmem memVszmemRsscpucpuucpusmem pascalCase conformityrenamed attributes
processLoad() result as object result as array of objects function now allows to provide more thanone process (as a comma separated list)
services() pcpupmem cpumem renamed attributes
vbox() HPETPAEAPICX2APICACPIIOAPICbiosAPICmodeTRC hpetpaeapicx2ApicacpiioApicbiosApicModertc pascalCase conformity

Other Improvements and Changes

  • baseboard(): added memMax, memSlots
  • bios(): added language and features (linux)
  • blockDevices() added raid group member (linux)
  • cpu(): extended AMD processor list

... (truncated)

Commits

Updates jws from 3.2.2 to 3.2.3

Release notes

Sourced from jws's releases.

v3.2.3

Changed

  • Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.
  • Upgrading JWA version to 1.4.2, addressing a compatibility issue for Node >= 25.
Changelog

Sourced from jws's changelog.

[3.2.3]

Changed

  • Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.
  • Upgrading JWA version to 1.4.2, adressing a compatibility issue for Node >= 25.

[3.0.0]

Changed

2.0.0 - 2015-01-30

Changed

  • BREAKING: Default payload encoding changed from binary to utf8. utf8 is a is a more sensible default than binary because many payloads, as far as I can tell, will contain user-facing strings that could be in any language. (6b6de48)

  • Code reorganization, thanks @​fearphage! (7880050)

Added

  • Option in all relevant methods for encoding. For those few users that might be depending on a binary encoding of the messages, this is for them. (6b6de48)
Commits
  • 4f6e73f Merge commit from fork
  • bd0fea5 version 3.2.3
  • 7c3b4b4 Enhance tests for HMAC streaming sign and verify
  • a9b8ed9 Improve secretOrKey initialization in VerifyStream
  • 6707fde Improve secret handling in SignStream
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by julien.wollscheid, a new releaser for jws since your current version.


Updates node-forge from 1.3.1 to 1.3.3

Changelog

Sourced from node-forge's changelog.

1.3.3 - 2025-12-02

Fixed

  • [pkcs12] Make digestAlgorithm parameters optional to fix PKCS#12/PFX issues introduced in 1.3.2.

1.3.2 - 2025-11-25

Security

  • HIGH: ASN.1 Validator Desynchronization
    • An Interpretation Conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.
    • Reported by Hunter Wodzenski.
    • CVE ID: CVE-2025-12816
    • GHSA ID: GHSA-5gfm-wpxj-wjgq
  • HIGH: ASN.1 Unbounded Recursion
    • An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs.
    • Reported by Hunter Wodzenski.
    • CVE ID: CVE-2025-66031
    • GHSA ID: GHSA-554w-wpv2-vw27
  • MODERATE: ASN.1 OID Integer Truncation
    • An Integer Overflow (CWE-190) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions.
    • Reported by Hunter Wodzenski.
    • CVE ID: CVE-2025-66030
    • GHSA ID: GHSA-65ch-62r8-g69g

Fixed

  • [asn1] Fix for vulnerability identified by CVE-2025-12816 PKCS#12 MAC verification bypass due to missing macData enforcement and improper asn1.validate routine.
  • [asn1] Add fromDer() max recursion depth check.
    • Add a asn1.maxDepth global configurable maximum depth of 256.
    • Add a asn1.fromDer() per-call maxDepth option.
    • NOTE: The default maximum is assumed to be higher than needed for valid data. If this assumption is false then this could be a breaking change. Please file an issue if there are use cases that need a higher maximum.
    • NOTE: The per-call maxDepth parameter has not been exposed up through all of the API stack due to the complexities involved. Please file an issue if there are use cases that require this instead of changing the default

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore cond...

Description has been truncated

@dependabot
Bump the npm_and_yarn group across 3 directories with 5 updates
94f797b 
Bumps the npm_and_yarn group with 3 updates in the /renderers/angular directory: [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler), [qs](https://github.com/ljharb/qs) and [systeminformation](https://github.com/sebhildebrandt/systeminformation).
Bumps the npm_and_yarn group with 3 updates in the /samples/client/angular directory: [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler), [qs](https://github.com/ljharb/qs) and [systeminformation](https://github.com/sebhildebrandt/systeminformation).
Bumps the npm_and_yarn group with 2 updates in the /specification/v0_8/eval directory: [jws](https://github.com/brianloveswords/node-jws) and [node-forge](https://github.com/digitalbazaar/forge).


Updates `@angular/compiler` from 21.0.3 to 21.0.8
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.0.8/packages/compiler)

Updates `qs` from 6.14.0 to 6.14.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.14.0...v6.14.1)

Updates `systeminformation` from 5.27.7 to 5.30.3
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](sebhildebrandt/systeminformation@v5.27.7...v5.30.3)

Updates `@angular/compiler` from 21.0.3 to 21.0.7
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.0.8/packages/compiler)

Updates `qs` from 6.14.0 to 6.14.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.14.0...v6.14.1)

Updates `systeminformation` from 5.27.7 to 5.30.3
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](sebhildebrandt/systeminformation@v5.27.7...v5.30.3)

Updates `jws` from 3.2.2 to 3.2.3
- [Release notes](https://github.com/brianloveswords/node-jws/releases)
- [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jws@v3.2.2...v3.2.3)

Updates `node-forge` from 1.3.1 to 1.3.3
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.1...v1.3.3)

---
updated-dependencies:
- dependency-name: "@angular/compiler"
  dependency-version: 21.0.8
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.14.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: systeminformation
  dependency-version: 5.30.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@angular/compiler"
  dependency-version: 21.0.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.14.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: systeminformation
  dependency-version: 5.30.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jws
  dependency-version: 3.2.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.3.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants