Skip to content

chore(deps): bump pbkdf2 from 3.1.2 to 3.1.5 in the security group across 1 directory#3416

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/security-eca7abf8ab
Open

chore(deps): bump pbkdf2 from 3.1.2 to 3.1.5 in the security group across 1 directory#3416
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/security-eca7abf8ab

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 24, 2025
edited
Loading

Bumps the security group with 1 update in the / directory: pbkdf2.

Updates pbkdf2 from 3.1.2 to 3.1.5

Changelog

Sourced from pbkdf2's changelog.

v3.1.5 - 2025-09-23

Commits

  • [Fix] only allow finite iterations 67bd94d
  • [Fix] restore node 0.10 support 8f59d96
  • [Fix] check parameters before the "no Promise" bailout d2dc5f0

v3.1.4 - 2025-09-22

Commits

  • [Deps] update create-hash, ripemd160, sha.js, to-buffer 8dbf49b
  • [meta] update repo URLs d15bc35
  • [Dev Deps] update @ljharb/eslint-config aaf870b

v3.1.3 - 2025-06-20

Commits

  • Only apps should have lockfiles 8b06730
  • [lint] fix whitespace 9a76e2f
  • [lint] fix parens/curlies/semis/etc 6fd84bf
  • [meta] add auto-changelog 796c38d
  • [Tests] fix tests in node 17 3661fb0
  • Revert "[Tests] fix tests in node < 3" 7431b57
  • [Tests] fix tests in node < 3 eb9f97a
  • [Fix] ensure unknown algorithms throw + known ones match node 26d4fd3
  • [Tests] add GHA, always run nyc 513906a
  • [lint] fix a few more rules ab04da8
  • [lint] switch to eslint 89694cf
  • [Tests] add coverage d0d534b
  • [Refactor] use to-buffer e3102a8
  • [readme] improve badges fca0c9d
  • [Tests] remove unused travis file a2c7d93
  • [meta] switch from files to npmignore 7f31fbc
  • [Tests] use .nycrc 8d628e8
  • [Refactor] minor tweaks fc61005
  • [Deps] update create-hmac, safe-buffer, sha.js ae2a7d0
  • [Fix] pin create-hash, ripemd160 due to breaking changes e079968
  • [Tests] fix tests in node 3 45fbcf3
  • [meta] skip publishing benchmarks 19ea57b
  • [Dev Deps] add missing peer dep 645e252
Commits
  • 3687905 v3.1.5
  • 67bd94d [Fix] only allow finite iterations
  • 8f59d96 [Fix] restore node 0.10 support
  • d2dc5f0 [Fix] check parameters before the "no Promise" bailout
  • b2ad615 v3.1.4
  • 8dbf49b [Deps] update create-hash, ripemd160, sha.js, to-buffer
  • aaf870b [Dev Deps] update @ljharb/eslint-config
  • d15bc35 [meta] update repo URLs
  • 3e40827 v3.1.3
  • e3102a8 [Refactor] use to-buffer
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for pbkdf2 since your current version.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 24, 2025
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 32c345e to 75448a2 Compare July 4, 2025 08:11
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jul 4, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jenniferarnesen jenniferarnesen enabled auto-merge (squash) August 14, 2025 07:30
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Aug 14, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dhis2-bot
Copy link
Copy Markdown
Contributor

dhis2-bot commented Aug 14, 2025

🚀 Deployed on https://pr-3416.data-visualizer.netlify.dhis2.org

@dhis2-bot dhis2-bot temporarily deployed to netlify August 14, 2025 07:31 Inactive
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Aug 19, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Sep 15, 2025

Dependabot encountered an unknown error. Because of this, Dependabot cannot update this pull request.

@karolinelien
Copy link
Copy Markdown
Collaborator

karolinelien commented Mar 19, 2026

@dependabot recreate

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 7212cc8 to 243d778 Compare March 19, 2026 13:56
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 243d778 to acae66d Compare April 13, 2026 23:44
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 13, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot dependabot Bot changed the title chore(deps): bump pbkdf2 from 3.1.2 to 3.1.3 in the security group chore(deps): bump pbkdf2 from 3.1.2 to 3.1.5 in the security group across 1 directory Apr 28, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from acae66d to 78535c7 Compare April 28, 2026 02:17
@dependabot
chore(deps): bump pbkdf2 in the security group across 1 directory
d2caae1 
Bumps the security group with 1 update in the / directory: [pbkdf2](https://github.com/browserify/pbkdf2).


Updates `pbkdf2` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.5)

---
updated-dependencies:
- dependency-name: pbkdf2
  dependency-version: 3.1.3
  dependency-type: indirect
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 78535c7 to d2caae1 Compare May 12, 2026 05:34
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 12, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jenniferarnesen jenniferarnesen jenniferarnesen left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dhis2-bot @karolinelien @jenniferarnesen