From 791a80d0fe2ab519372ba472e0e148afc3136b6b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 3 Aug 2025 21:02:24 +0200
Subject: [PATCH] build(deps-dev): bump form-data from 3.0.1 to 3.0.4 in /webui
in the npm_and_yarn group across 1 directory (#1479)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the npm_and_yarn group with 1 update in the /webui directory:
[form-data](https://github.com/form-data/form-data).
Updates `form-data` from 3.0.1 to 3.0.4
Release notes
Sourced from form-data's
releases.
v3.0.2
Fixes
- npmignore temporary build files (#532)
- move util.isArray to Array.isArray (#564)
Tests
- migrate from travis to GHA
Changelog
Sourced from form-data's
changelog.
v3.0.4
- 2025-07-16
Fixed
Commits
- [eslint] update linting config
f5e7eb0
- [meta] add
auto-changelog d2eb290
- [Tests] handle predict-v8-randomness failures in node < 17 and
node > 23
e8c574c
- [Fix] Switch to using
crypto random for boundary values
c6ced61
- [Refactor] use
hasown 1a78b5d
- [Fix] validate boundary type in
setBoundary() method 70bbaa0
- [Tests] add tests to check the behavior of
getBoundary
with non-strings b22a64e
- [meta] actually ensure the readme backup isn’t published
0150851
- [meta] remove local commit hooks
fc42bb9
- [Dev Deps] remove unused deps
a14d09e
- [meta] fix scripts to use prepublishOnly
11d9f73
- [meta] fix readme capitalization
fc38b48
v3.0.3
- 2025-02-14
Merged
Fixed
Commits
- [Refactor] use
Object.prototype.hasOwnProperty.call 7fecefe
- [Dev Deps] update
@types/node, browserify,
coveralls, cross-spawn, eslint,
formidable, in-publish, pkgfiles,
pre-commit, puppeteer, request,
tape, typescript 8261fcb
- Only apps should have lockfiles
b82f590
- [Dev Deps] pin
request which via
tough-cookie ^2.4 depends on psl e5df7f2
- [Deps] update
mime-types 5a5bafe
v3.0.2
- 2024-10-10
Merged
Commits
- [Tests] migrate from travis to GHA
8fdb3bc
- [eslint] clean up ignores
3217b3d
- fix: move util.isArray to Array.isArray (#564)
edb555a
Commits
9c82fcd
v3.0.4e8c574c
[Tests] handle predict-v8-randomness failures in node < 17 and node
> 23c6ced61
[Fix] Switch to using crypto random for boundary
values0150851
[meta] actually ensure the readme backup isn’t publishedfc38b48
[meta] fix readme capitalizationd2eb290
[meta] add auto-changelogfc42bb9
[meta] remove local commit hooksa14d09e
[Dev Deps] remove unused deps002b9b0
[Fix] append: avoid a crash on nullish values70bbaa0
[Fix] validate boundary type in setBoundary() method- Additional commits viewable in compare
view
Maintainer changes
This version was pushed to npm by ljharb, a new releaser for
form-data since your current version.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/git-bug/git-bug/network/alerts).
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
webui/package-lock.json | 63 ++++++++++++++++++++++++++++++-----------
1 file changed, 47 insertions(+), 16 deletions(-)
diff --git a/webui/package-lock.json b/webui/package-lock.json
index e454cdfb048301a58c1cd7e6c3ec48382c019a5b..3f7499c045e05669afb9885b0a41bb7ae9dc07f9 100644
--- a/webui/package-lock.json
+++ b/webui/package-lock.json
@@ -12452,6 +12452,21 @@
"node": ">= 0.4"
}
},
+ "node_modules/es-set-tostringtag": {
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz",
+ "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==",
+ "dev": true,
+ "dependencies": {
+ "es-errors": "^1.3.0",
+ "get-intrinsic": "^1.2.6",
+ "has-tostringtag": "^1.0.2",
+ "hasown": "^2.0.2"
+ },
+ "engines": {
+ "node": ">= 0.4"
+ }
+ },
"node_modules/es-shim-unscopables": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.0.0.tgz",
@@ -14010,14 +14025,16 @@
}
},
"node_modules/form-data": {
- "version": "3.0.1",
- "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz",
- "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==",
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.4.tgz",
+ "integrity": "sha512-f0cRzm6dkyVYV3nPoooP8XlccPQukegwhAnpoLcXy+X+A8KfpGOoXwDr9FLZd3wzgLaBGQBE3lY93Zm/i1JvIQ==",
"dev": true,
"dependencies": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
- "mime-types": "^2.1.12"
+ "es-set-tostringtag": "^2.1.0",
+ "hasown": "^2.0.2",
+ "mime-types": "^2.1.35"
},
"engines": {
"node": ">= 6"
@@ -14664,12 +14681,12 @@
}
},
"node_modules/has-tostringtag": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.0.tgz",
- "integrity": "sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==",
+ "version": "1.0.2",
+ "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz",
+ "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==",
"dev": true,
"dependencies": {
- "has-symbols": "^1.0.2"
+ "has-symbols": "^1.0.3"
},
"engines": {
"node": ">= 0.4"
@@ -36063,6 +36080,18 @@
"es-errors": "^1.3.0"
}
},
+ "es-set-tostringtag": {
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz",
+ "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==",
+ "dev": true,
+ "requires": {
+ "es-errors": "^1.3.0",
+ "get-intrinsic": "^1.2.6",
+ "has-tostringtag": "^1.0.2",
+ "hasown": "^2.0.2"
+ }
+ },
"es-shim-unscopables": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.0.0.tgz",
@@ -37179,14 +37208,16 @@
}
},
"form-data": {
- "version": "3.0.1",
- "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz",
- "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==",
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.4.tgz",
+ "integrity": "sha512-f0cRzm6dkyVYV3nPoooP8XlccPQukegwhAnpoLcXy+X+A8KfpGOoXwDr9FLZd3wzgLaBGQBE3lY93Zm/i1JvIQ==",
"dev": true,
"requires": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
- "mime-types": "^2.1.12"
+ "es-set-tostringtag": "^2.1.0",
+ "hasown": "^2.0.2",
+ "mime-types": "^2.1.35"
}
},
"formdata-polyfill": {
@@ -37605,12 +37636,12 @@
"dev": true
},
"has-tostringtag": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.0.tgz",
- "integrity": "sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==",
+ "version": "1.0.2",
+ "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz",
+ "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==",
"dev": true,
"requires": {
- "has-symbols": "^1.0.2"
+ "has-symbols": "^1.0.3"
}
},
"hasown": {