Skip to content

Bump smol-toml from 1.6.0 to 1.6.1 in the npm_and_yarn group across 1 directory#3185

Merged
dennisdoomen merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-407e7bda9e
Mar 26, 2026
Merged

Bump smol-toml from 1.6.0 to 1.6.1 in the npm_and_yarn group across 1 directory#3185
dennisdoomen merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-407e7bda9e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 25, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the / directory: smol-toml.

Updates smol-toml from 1.6.0 to 1.6.1

Release notes

Sourced from smol-toml's releases.

v1.6.1

This release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: GHSA-v3rj-xjv7-4jmq

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 1 update in the / directory: [smol-toml](https://github.com/squirrelchat/smol-toml).


Updates `smol-toml` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/squirrelchat/smol-toml/releases)
- [Commits](squirrelchat/smol-toml@v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: smol-toml
  dependency-version: 1.6.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 25, 2026
@github-actions

github-actions Bot commented Mar 25, 2026

Copy link
Copy Markdown

Test Results

    37 files  ±0      37 suites  ±0   5m 43s ⏱️ -48s
 6 353 tests ±0   6 352 ✅ ±0  1 💤 ±0  0 ❌ ±0 
39 464 runs  ±0  39 458 ✅ ±0  6 💤 ±0  0 ❌ ±0 

Results for commit 75023db. ± Comparison against base commit 2a6f493.

This pull request removes 10 and adds 8 tests. Note that renamed tests count towards both.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HaveLength ‑ When_a_throwing_stream_should_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HaveLength ‑ When_a_throwing_stream_should_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HavePosition ‑ When_a_throwing_stream_should_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HavePosition ‑ When_a_throwing_stream_should_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHaveLength ‑ When_a_throwing_stream_should_not_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHaveLength ‑ When_a_throwing_stream_should_not_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHavePosition ‑ When_a_throwing_stream_should_not_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHavePosition ‑ When_a_throwing_stream_should_not_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetLengthExceptionMessage'.)
Object name: 'GetPositionExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HaveLength ‑ When_a_throwing_stream_should_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetLengthExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HaveLength ‑ When_a_throwing_stream_should_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetLengthExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HavePosition ‑ When_a_throwing_stream_should_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetPositionExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+HavePosition ‑ When_a_throwing_stream_should_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetPositionExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHaveLength ‑ When_a_throwing_stream_should_not_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetLengthExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHaveLength ‑ When_a_throwing_stream_should_not_have_a_length_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetLengthExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHavePosition ‑ When_a_throwing_stream_should_not_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetPositionExceptionMessage'.)
FluentAssertions.Specs.Streams.StreamAssertionSpecs+NotHavePosition ‑ When_a_throwing_stream_should_not_have_a_position_it_should_fail(exception: System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'GetPositionExceptionMessage'.)

♻️ This comment has been updated with latest results.

@coveralls

Copy link
Copy Markdown

Pull Request Test Coverage Report for Build 23566278122

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 97.198%

Totals Coverage Status
Change from base Build 23460834472: 0.0%
Covered Lines: 13021
Relevant Lines: 13245

💛 - Coveralls

@github-actions

Copy link
Copy Markdown

Qodana for .NET

It seems all right 👌

No new problems were found according to the checks applied

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

@dennisdoomen dennisdoomen merged commit fdfe953 into main Mar 26, 2026
13 checks passed
@dennisdoomen dennisdoomen deleted the dependabot/npm_and_yarn/npm_and_yarn-407e7bda9e branch March 26, 2026 18:19
searledan added a commit to fiscaltec/vitally-mcp that referenced this pull request May 12, 2026
Updated
[FluentAssertions](https://github.com/fluentassertions/fluentassertions)
from 8.9.0 to 8.10.0.

<details>
<summary>Release notes</summary>

_Sourced from [FluentAssertions's
releases](https://github.com/fluentassertions/fluentassertions/releases)._

## 8.10.0

<!-- Release notes generated using configuration in .github/release.yml
at main -->

## What's Changed
### Improvements
* Fail with a descriptive error when path-based rules are used on
value-semantic types by @​dennisdoomen in
fluentassertions/fluentassertions#3187
* Significantly speed up BeEquivalentTo for large unordered collections
by @​dennisdoomen in
fluentassertions/fluentassertions#3188
* Add ComparingNullCollectionsAsEmpty and ComparingNullStringsAsEmpty
options to BeEquivalentTo by @​dennisdoomen in
fluentassertions/fluentassertions#3202
* Include original index in extraneous item failure messages by
@​dennisdoomen in
fluentassertions/fluentassertions#3203
### Documentation
* Reroute the docs link to Xceed by @​dennisdoomen in
fluentassertions/fluentassertions#3183
* Fix typo in release notes by @​jnyrup in
fluentassertions/fluentassertions#3194
* Fix typos in docs by @​jnyrup in
fluentassertions/fluentassertions#3197
### Others
* Bump flatted from 3.4.1 to 3.4.2 in the npm_and_yarn group across 1
directory by @​dependabot[bot] in
fluentassertions/fluentassertions#3184
* Add AI assistant instruction file (agents.md) for Copilot, Claude, and
JetBrains Junie by @​Copilot in
fluentassertions/fluentassertions#3176
* Bump smol-toml from 1.6.0 to 1.6.1 in the npm_and_yarn group across 1
directory by @​dependabot[bot] in
fluentassertions/fluentassertions#3185
* Bump the npm_and_yarn group across 1 directory with 2 updates by
@​dependabot[bot] in
fluentassertions/fluentassertions#3186
* Bump cspell from 9.7.0 to 10.0.0 by @​dependabot[bot] in
fluentassertions/fluentassertions#3189
* Update nugets by @​jnyrup in
fluentassertions/fluentassertions#3192
* Fixup Qodana issues by @​jnyrup in
fluentassertions/fluentassertions#3193
* Fix Qodana argument separator by @​jnyrup in
fluentassertions/fluentassertions#3195
* Use new Qodana linter option by @​jnyrup in
fluentassertions/fluentassertions#3196
* Fix flaky BeLessThanOrEqualTo execution time test by @​Copilot in
fluentassertions/fluentassertions#3200
* Bump JetBrains/qodana-action from 2025.3 to 2026.1 by
@​dependabot[bot] in
fluentassertions/fluentassertions#3201
* Use long for hashCode in ReferentialComparer to avoid overflow by
@​dennisdoomen in
fluentassertions/fluentassertions#3204


**Full Changelog**:
fluentassertions/fluentassertions@8.9.0...8.10.0

Commits viewable in [compare
view](fluentassertions/fluentassertions@8.9.0...8.10.0).
</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dan Searle <dan_searle@outlook.com>
This was referenced Jun 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants