Skip to content

chore(deps): bump smol-toml from 1.6.0 to 1.6.1 in /site#4748

Merged
brandtkeller merged 1 commit into
mainfrom
dependabot/npm_and_yarn/site/smol-toml-1.6.1
Apr 12, 2026
Merged

chore(deps): bump smol-toml from 1.6.0 to 1.6.1 in /site#4748
brandtkeller merged 1 commit into
mainfrom
dependabot/npm_and_yarn/site/smol-toml-1.6.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 25, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps smol-toml from 1.6.0 to 1.6.1.

Release notes

Sourced from smol-toml's releases.

v1.6.1

This release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: GHSA-v3rj-xjv7-4jmq

Commits

@dependabot dependabot Bot added dependencies javascript Pull requests that update Javascript code labels Mar 25, 2026
@dependabot dependabot Bot requested review from a team as code owners March 25, 2026 21:48
@dependabot dependabot Bot added dependencies javascript Pull requests that update Javascript code labels Mar 25, 2026
@netlify

netlify Bot commented Mar 25, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for zarf-docs ready!

Name Link
🔨 Latest commit f978ab6
🔍 Latest deploy log https://app.netlify.com/projects/zarf-docs/deploys/69c69707aeede300086ddd89
😎 Deploy Preview https://deploy-preview-4748--zarf-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@dependabot
chore(deps): bump smol-toml from 1.6.0 to 1.6.1 in /site
f978ab6 
Bumps [smol-toml](https://github.com/squirrelchat/smol-toml) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/squirrelchat/smol-toml/releases)
- [Commits](squirrelchat/smol-toml@v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: smol-toml
  dependency-version: 1.6.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/site/smol-toml-1.6.1 branch from 2cb960c to f978ab6 Compare March 27, 2026 14:41
@brandtkeller brandtkeller added this pull request to the merge queue Apr 12, 2026
Merged via the queue into main with commit 35eb1f1 Apr 12, 2026
31 checks passed
@brandtkeller brandtkeller deleted the dependabot/npm_and_yarn/site/smol-toml-1.6.1 branch April 12, 2026 21:53
@github-project-automation github-project-automation Bot moved this to Done in Zarf Apr 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brandtkeller brandtkeller brandtkeller approved these changes

Assignees

No one assigned

Labels

dependencies javascript Pull requests that update Javascript code

Projects

Zarf
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brandtkeller