Skip to content

chore(deps): bump pbkdf2 from 3.1.2 to 3.1.6 in the security group across 1 directory#3416

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/security-eca7abf8ab
Open

chore(deps): bump pbkdf2 from 3.1.2 to 3.1.6 in the security group across 1 directory#3416
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/security-eca7abf8ab

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 24, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the security group with 1 update in the / directory: pbkdf2.

Updates pbkdf2 from 3.1.2 to 3.1.6

Changelog

Sourced from pbkdf2's changelog.

v3.1.6 - 2026-05-26

Commits

  • [New] add TypeScript type declarations fb1f747
  • [Fix] coerce -0 keylen to +0 7c4a495
  • [Dev Deps] update @ljharb/eslint-config, @types/node, eslint, npmignore e3cce16
  • [eslint] fix an error f6b0e42
  • [Tests] fix npm run postlint b729629
  • [Dev Deps] update @ljharb/eslint-config, @types/node, auto-changelog 5e0cf51
  • [Deps] update to-buffer 1c3b1f5
  • [readme] replace runkit CI badge with shields.io check-runs badge 528bd38

v3.1.5 - 2025-09-23

Commits

  • [Fix] only allow finite iterations 67bd94d
  • [Fix] restore node 0.10 support 8f59d96
  • [Fix] check parameters before the "no Promise" bailout d2dc5f0

v3.1.4 - 2025-09-22

Commits

  • [Deps] update create-hash, ripemd160, sha.js, to-buffer 8dbf49b
  • [meta] update repo URLs d15bc35
  • [Dev Deps] update @ljharb/eslint-config aaf870b

v3.1.3 - 2025-06-20

Commits

  • Only apps should have lockfiles 8b06730
  • [lint] fix whitespace 9a76e2f
  • [lint] fix parens/curlies/semis/etc 6fd84bf
  • [meta] add auto-changelog 796c38d
  • [Tests] fix tests in node 17 3661fb0
  • Revert "[Tests] fix tests in node < 3" 7431b57
  • [Tests] fix tests in node < 3 eb9f97a
  • [Fix] ensure unknown algorithms throw + known ones match node 26d4fd3
  • [Tests] add GHA, always run nyc 513906a
  • [lint] fix a few more rules ab04da8
  • [lint] switch to eslint 89694cf
  • [Tests] add coverage d0d534b
  • [Refactor] use to-buffer e3102a8
  • [readme] improve badges fca0c9d
  • [Tests] remove unused travis file a2c7d93
  • [meta] switch from files to npmignore 7f31fbc
  • [Tests] use .nycrc 8d628e8

... (truncated)

Commits
  • ea4768b v3.1.6
  • b729629 [Tests] fix npm run postlint
  • 7c4a495 [Fix] coerce -0 keylen to +0
  • 5e0cf51 [Dev Deps] update @ljharb/eslint-config, @types/node, auto-changelog
  • 1c3b1f5 [Deps] update to-buffer
  • e3cce16 [Dev Deps] update @ljharb/eslint-config, @types/node, eslint, npmignore
  • f6b0e42 [eslint] fix an error
  • fb1f747 [New] add TypeScript type declarations
  • 528bd38 [readme] replace runkit CI badge with shields.io check-runs badge
  • 3687905 v3.1.5
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for pbkdf2 since your current version.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 24, 2025
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 32c345e to 75448a2 Compare July 4, 2025 08:11
@sonarqubecloud

sonarqubecloud Bot commented Jul 4, 2025

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jenniferarnesen jenniferarnesen enabled auto-merge (squash) August 14, 2025 07:30
@sonarqubecloud

sonarqubecloud Bot commented Aug 14, 2025

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dhis2-bot

dhis2-bot commented Aug 14, 2025

Copy link
Copy Markdown
Contributor

🚀 Deployed on https://pr-3416.data-visualizer.netlify.dhis2.org

@dhis2-bot dhis2-bot temporarily deployed to netlify August 14, 2025 07:31 Inactive
@dependabot @github

dependabot Bot commented on behalf of github Aug 19, 2025

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot @github

dependabot Bot commented on behalf of github Sep 15, 2025

Copy link
Copy Markdown
Contributor Author

Dependabot encountered an unknown error. Because of this, Dependabot cannot update this pull request.

@karolinelien

karolinelien commented Mar 19, 2026

Copy link
Copy Markdown
Collaborator

@dependabot recreate

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 7212cc8 to 243d778 Compare March 19, 2026 13:56
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 243d778 to acae66d Compare April 13, 2026 23:44
@sonarqubecloud

sonarqubecloud Bot commented Apr 13, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot dependabot Bot changed the title chore(deps): bump pbkdf2 from 3.1.2 to 3.1.3 in the security group chore(deps): bump pbkdf2 from 3.1.2 to 3.1.5 in the security group across 1 directory Apr 28, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from acae66d to 78535c7 Compare April 28, 2026 02:17
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from 78535c7 to d2caae1 Compare May 12, 2026 05:34
@sonarqubecloud

sonarqubecloud Bot commented May 12, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot
chore(deps): bump pbkdf2 in the security group across 1 directory
b517a03 
Bumps the security group with 1 update in the / directory: [pbkdf2](https://github.com/browserify/pbkdf2).


Updates `pbkdf2` from 3.1.2 to 3.1.6
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.6)

---
updated-dependencies:
- dependency-name: pbkdf2
  dependency-version: 3.1.3
  dependency-type: indirect
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump pbkdf2 from 3.1.2 to 3.1.5 in the security group across 1 directory chore(deps): bump pbkdf2 from 3.1.2 to 3.1.6 in the security group across 1 directory Jun 15, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/security-eca7abf8ab branch from d2caae1 to b517a03 Compare June 15, 2026 23:43
@sonarqubecloud

sonarqubecloud Bot commented Jun 15, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@jenniferarnesen jenniferarnesen jenniferarnesen left review comments
Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dhis2-bot @karolinelien @jenniferarnesen