Bump flatted from 3.3.3 to 3.4.2 #158

Open

dependabot[bot] wants to merge 1 commits from dependabot/npm_and_yarn/flatted-3.4.2 into main

pull from: dependabot/npm_and_yarn/flatted-3.4.2

merge into: frishi:main

frishi:main

frishi:dep-hell

frishi:dependabot/npm_and_yarn/picomatch-2.3.2

frishi:dependabot/npm_and_yarn/multi-c136cad177

frishi:dependabot/npm_and_yarn/socket.io-parser-4.2.6

frishi:dependabot/npm_and_yarn/underscore-1.13.8

frishi:dependabot/npm_and_yarn/svgo-4.0.1

frishi:graphql-refactor

frishi:react-19-upgrade

frishi:airdcpp-regression

frishi:comicvine-integration-improvements

frishi:qbittorrent-integration

frishi:dark-mode-3

frishi:dark-mode-2

frishi:dark-mode-refactor

frishi:dark-mode-refactor-2

frishi:comic-detail-react-query

frishi:zustand-react-query-navbar

frishi:qbittorrent-settings-form

frishi:move-to-zustand-react-query

frishi:import-queue-progress

frishi:service-statuses-settings

frishi:80-vite-env-var-hostname-fix

frishi:76-hostname-docker-context-fix

frishi:71-dockerfile-update

frishi:comicvine-import-improvements

frishi:bugfix-#59

frishi:relocating-screenshots

frishi:storybook-7-upgrade

frishi:elasticsearch-upgrade-fix

frishi:vite-build-system

frishi:funding-fix

frishi:funding

frishi:service-statuses

frishi:dcpp-socket-status

frishi:dev

frishi:rishighan-screenshots-dec-2022

Conversation 0 Commits 1 Files Changed 2 +2102 -62

dependabot[bot] commented 2026-03-21 10:40:45 +00:00 (Migrated from github.com)

Copy Link

Bumps flatted from 3.3.3 to 3.4.2.

Commits

• 3bf0909 3.4.2
• 885ddcc fix CWE-1321
• 0bdba70 added flatted-view to the benchmark
• 2a02dce 3.4.1
• fba4e8f Merge pull request #89 from WebReflection/python-fix
• 5fe8648 added "when in Rome" also a test for PHP
• 53517ad some minor improvement
• b3e2a0c Fixing recursion issue in Python too
• c4b46db Add SECURITY.md for security policy and reporting
• f86d071 Create dependabot.yml for version updates
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7"><code>3bf0909</code></a> 3.4.2</li> <li><a href="https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"><code>885ddcc</code></a> fix CWE-1321</li> <li><a href="https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3"><code>0bdba70</code></a> added flatted-view to the benchmark</li> <li><a href="https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20"><code>2a02dce</code></a> 3.4.1</li> <li><a href="https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416"><code>fba4e8f</code></a> Merge pull request <a href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a> from WebReflection/python-fix</li> <li><a href="https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7"><code>5fe8648</code></a> added &quot;when in Rome&quot; also a test for PHP</li> <li><a href="https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0"><code>53517ad</code></a> some minor improvement</li> <li><a href="https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f"><code>b3e2a0c</code></a> Fixing recursion issue in Python too</li> <li><a href="https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad"><code>c4b46db</code></a> Add SECURITY.md for security policy and reporting</li> <li><a href="https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988"><code>f86d071</code></a> Create dependabot.yml for version updates</li> <li>Additional commits viewable in <a href="https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rishighan/threetwo/network/alerts). </details>

This pull request has changes conflicting with the target branch.

• package-lock.json

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin dependabot/npm_and_yarn/flatted-3.4.2:dependabot/npm_and_yarn/flatted-3.4.2

git checkout dependabot/npm_and_yarn/flatted-3.4.2

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

P0

Game-stopping bug

bug

Something isn't working

catch-all

Holding place for similar issues

dependencies

Pull requests that update a dependency file

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

fix

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

javascript

Pull requests that update javascript code

major

question

Further information is requested

refactor

tech debt

testing-required

Fix issued, but tests are pending

wontfix

This will not be worked on

No Label dependencies javascript

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

frishi

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: frishi/threetwo#158