Skip to content

chore(deps): bump the npm_and_yarn group across 19 directories with 5 updates#22

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dot-github/actions/changesets-action/npm_and_yarn-fd99be3f71
Open

chore(deps): bump the npm_and_yarn group across 19 directories with 5 updates#22
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dot-github/actions/changesets-action/npm_and_yarn-fd99be3f71

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 14, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 1 update in the /.github/actions/changesets-action directory: minimatch.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-pages-router directory: @langchain/community.
Bumps the npm_and_yarn group with 2 updates in the /docs directory: minimatch and dompurify.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-ai-researcher/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-native/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-native/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-text/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-text/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-research-canvas/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-routing/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-routing/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-shared-state/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-starter/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-travel/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-wait-user-input/ui directory: minimatch and flatted.
Bumps the npm_and_yarn group with 1 update in the /infra directory: minimatch.

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19
Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19
Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates minimatch from 9.0.5 to 9.0.9

Commits

Updates dompurify from 3.1.6 to 3.3.3

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.3

  • Fixed an engine requirement for Node 20 which caused hiccups, thanks @​Rotzbua

DOMPurify 3.3.2

  • Fixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters
  • Fixed a prototype pollution issue when working with custom elements, thanks @​christos-eth
  • Fixed a lenient config parsing in _isValidAttribute, thanks @​christos-eth
  • Bumped and removed several dependencies, thanks @​Rotzbua
  • Fixed the test suite after bumping dependencies, thanks @​Rotzbua

DOMPurify 3.3.1

  • Updated ADD_FORBID_CONTENTS setting to extend default list, thanks @​MariusRumpf
  • Updated the ESM import syntax to be more correct, thanks @​binhpv

DOMPurify 3.3.0

  • Added the SVG mask-type attribute to default allow-list, thanks @​prasadrajandran
  • Added support for ADD_ATTR and ADD_TAGS to accept functions, thanks @​nelstrom
  • Fixed an issue with the slot element being in both SVG and HTML allow-list, thanks @​Wim-Valgaeren

DOMPurify 3.2.7

  • Added new attributes and elements to default allow-list, thanks @​elrion018
  • Added tagName parameter to custom element attributeNameCheck, thanks @​nelstrom
  • Added better check for animated href attributes, thanks @​llamakko
  • Updated and improved the bundled types, thanks @​ssi02014
  • Updated several tests to better align with new browser encoding behaviors
  • Improved the handling of potentially risky content inside CDATA elements, thanks @​securityMB & @​terjanq
  • Improved the regular expression for raw-text elements to cover textareas, thanks @​securityMB & @​terjanq

DOMPurify 3.2.6

DOMPurify 3.2.5

  • Added a check to the mXSS detection regex to be more strict, thanks @​masatokinugawa
  • Added ESM type imports in source, removes patch function, thanks @​donmccurdy
  • Added script to verify various TypeScript configurations, thanks @​reduckted
  • Added more modern browsers to the Karma launchers list
  • Added Node 23.x to tested runtimes, removed Node 17.x
  • Fixed the generation of source maps, thanks @​reduckted
  • Fixed an unexpected behavior with ALLOWED_URI_REGEXP using the 'g' flag, thanks @​hhk-png
  • Fixed a few typos in the README file

DOMPurify 3.2.4

... (truncated)

Commits
  • 8bcbf73 chore: Preparing 3.3.3 release
  • 5faddd6 fix: engine requirement (#1210)
  • 0f91e3a Update README.md
  • d5ff1a8 Merge branch 'main' of github.com:cure53/DOMPurify
  • c3efd48 fix: moved back from jsdom 28 to jsdom 20
  • 988b888 fix: moved back from jsdom 28 to jsdom 20
  • 2726c74 chore: Preparing 3.3.2 release
  • 6202c7e build(deps): bump @​tootallnate/once and jsdom (#1204)
  • 302b51d fix: Expanded the regex ever so slightly to also cover script
  • cd85175 Merge branch 'main' of github.com:cure53/DOMPurify
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates flatted from 3.3.1 to 3.4.1

Commits
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • d3418c7 3.4.0
  • 7eb65d8 Merge pull request #88 from WebReflection/avoid-recusrion
  • 7774aae Avoid recursion on parse due possible shenanigans
  • Additional commits viewable in compare view

Updates fast-xml-parser from 4.5.0 to 4.5.4

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsing HTML numeric entities
  • v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.5.3 / 2026-03-11

  • upgrade builder

5.5.2 / 2026-03-11

  • update dependency to fix typings

5.5.1 / 2026-03-10

  • fix dependency

5.5.0 / 2026-03-10

  • support path-expression-matcher
  • fix: stopNode should not be parsed
  • performance improvement for stopNode checking

5.4.2 / 2026-03-03

  • support maxEntityCount option

5.4.1 / 2026-02-25

  • fix (#785) unpairedTag node should not have tag content

5.4.0 / 2026-02-25

  • migrate to fast-xml-builder

5.3.9 / 2026-02-25

  • support strictReservedNames

5.3.8 / 2026-02-25

  • support maxNestedTags
  • handle non-array input for XML builder when preserveOrder is true (By Angelo Coetzee)
  • save use of js properies

5.3.7 / 2026-02-20

5.3.6 / 2026-02-14

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

  • fix: Escape regex char in entity name
  • update strnum to 2.1.2

... (truncated)

Commits
  • f8d4d42 update strnum to fix parsing issues of 0 when skiplike is used
  • ab00cdc update package bundle for minor fixes
  • 57c6187 Update ReadMe
  • caeda37 fix: emit full JSON string from CLI when no output filename specified (#710)
  • eadeb7e fix(performance): Update check for leaf node in saveTextToParentTag function ...
  • 682066c Update disclaimer
  • 280cd63 Fix null CDATA to comply with undefined behavior (#701)
  • e132656 update release detail
  • 74e2651 Fixes entity parsing when used in strict mode (#699)
  • 4082902 Fix empty tag key name for v5 (#697)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates flatted from 3.3.1 to 3.4.1

Commits
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • d3418c7 3.4.0
  • 7eb65d8 Merge pull request #88 from WebReflection/avoid-recusrion
  • 7774aae Avoid recursion on parse due possible shenanigans
  • Additional commits viewable in compare view

Updates fast-xml-parser from 4.5.0 to 4.5.4

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsing HTML numeric entities
  • v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.5.3 / 2026-03-11

  • upgrade builder

5.5.2 / 2026-03-11

  • update dependency to fix typings

5.5.1 / 2026-03-10

  • fix dependency

5.5.0 / 2026-03-10

  • support path-expression-matcher
  • fix: stopNode should not be parsed
  • performance improvement for stopNode checking

5.4.2 / 2026-03-03

  • support maxEntityCount option

5.4.1 / 2026-02-25

  • fix (#785) unpairedTag node should not have tag content

5.4.0 / 2026-02-25

  • migrate to fast-xml-builder

5.3.9 / 2026-02-25

  • support strictReservedNames

5.3.8 / 2026-02-25

  • support maxNestedTags
  • handle non-array input for XML builder when preserveOrder is true (By Angelo Coetzee)
  • save use of js properies

5.3.7 / 2026-02-20

5.3.6 / 2026-02-14

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

  • fix: Escape regex char in entity name
  • update strnum to 2.1.2

... (truncated)

Commits
  • f8d4d42 update strnum to fix parsing issues of 0 when skiplike is used
  • ab00cdc update package bundle for minor fixes
  • 57c6187 Update ReadMe
  • caeda37 fix: emit full JSON string from CLI when no output filename specified (#710)
  • eadeb7e fix(performance): Update check for leaf node in saveTextToParentTag function ...
  • 682066c Update disclaimer
  • 280cd63 Fix null CDATA to comply with undefined behavior (#701)
  • e132656 update release detail
  • 74e2651 Fixes entity parsing when used in strict mode (#699)
  • 4082902 Fix empty tag key name for v5 (#697)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates flatted from 3.3.1 to 3.4.1

Commits
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • d3418c7 3.4.0
  • 7eb65d8 Merge pull request #88 from WebReflection/avoid-recusrion
  • 7774aae Avoid recursion on parse due possible shenanigans
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates flatted from 3.3.1 to 3.4.1

Commits
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • d3418c7 3.4.0
  • 7eb65d8 Merge pull request #88 from WebReflection/avoid-recusrion
  • 7774aae Avoid recursion on parse due possible shenanigans
  • Additional commits viewable in compare view

Updates fast-xml-parser from 4.5.0 to 4.5.4

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsing HTML numeric entities
  • v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.5.3 / 2026-03-11

  • upgrade builder

5.5.2 / 2026-03-11

  • update dependency to fix typings

5.5.1 / 2026-03-10

  • fix dependency

5.5.0 / 2026-03-10

  • support path-expression-matcher
  • fix: stopNode should not be parsed
  • performance improvement for stopNode checking

5.4.2 / 2026-03-03

  • support maxEntityCount option

5.4.1 / 2026-02-25

  • fix (#785) unpairedTag node should not have tag content

5.4.0 / 2026-02-25

  • migrate to fast-xml-builder

5.3.9 / 2026-02-25

  • support strictReservedNames

5.3.8 / 2026-02-25

  • support maxNestedTags
  • handle non-array input for XML builder when preserveOrder is true (By Angelo Coetzee)
  • save use of js properies

5.3.7 / 2026-02-20

5.3.6 / 2026-02-14

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

  • fix: Escape regex char in entity name
  • update strnum to 2.1.2

... (truncated)

Commits
  • f8d4d42 update strnum to fix parsing issues of 0 when skiplike is used
  • ab00cdc update package bundle for minor fixes
  • 57c6187 Update ReadMe
  • caeda37 fix: emit full JSON string from CLI when no output filename specified (#710)
  • eadeb7e fix(performance): Update check for leaf node in saveTextToParentTag function ...
  • 682066c Update disclaimer
  • 280cd63 Fix null CDATA to comply with undefined behavior (#701)
  • e132656 update release detail
  • 74e2651 Fixes entity parsing when used in strict mode (#699)
  • 4082902 Fix empty tag key name for v5 (#697)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates flatted from 3.3.1 to 3.4.1

Commits
  • 2a02dce 3.4.1
  • fba4e8f Merge pull request #89 from WebReflection/python-fix
  • 5fe8648 added "when in Rome" also a test for PHP
  • 53517ad some minor improvement
  • b3e2a0c Fixing recursion issue in Python too
  • c4b46db Add SECURITY.md for security policy and reporting
  • f86d071 Create dependabot.yml for version updates
  • d3418c7 3.4.0
  • 7eb65d8 Merge pull request #88 from WebReflection/avoid-recusrion
  • 7774aae Avoid recursion on parse due possible shenanigans
  • Additional commits viewable in compare view

Updates fast-xml-parser from 4.5.0 to 4.5.4

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsing HTML numeric entities
  • v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.5.3 / 2026-03-11

  • upgrade builder

5.5.2 / 2026-03-11

  • update dependency to fix typings

5.5.1 / 2026-03-10

  • fix dependency

5.5.0 / 2026-03-10

  • support path-expression-matcher
  • fix: stopNode should not be parsed
  • performance improvement for stopNode checking

5.4.2 / 2026-03-03

  • support maxEntityCount option

5.4.1 / 2026-02-25

  • fix (#785) unpairedTag node should not have tag content

5.4.0 / 2026-02-25

  • migrate to fast-xml-builder

5.3.9 / 2026-02-25

  • support strictReservedNames

5.3.8 / 2026-02-25

  • support maxNestedTags
  • handle non-array input for XML builder when preserveOrder is true (By Angelo Coetzee)
  • save use of js properies

5.3.7 / 2026-02-20

5.3.6 / 2026-02-14

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

  • fix: Escape regex char in entity name
  • update strnum to 2.1.2

... (truncated)

Commits
  • f8d4d42 update strnum to fix parsing issues of 0 when skiplike is used
  • ab00cdc update package bundle for minor fixes
  • 57c6187 Update ReadMe
  • Description has been truncated

… updates

Bumps the npm_and_yarn group with 1 update in the /.github/actions/changesets-action directory: [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-pages-router directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 2 updates in the /docs directory: [minimatch](https://github.com/isaacs/minimatch) and [dompurify](https://github.com/cure53/DOMPurify).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-ai-researcher/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-native/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-native/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-text/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-text/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-research-canvas/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-routing/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-routing/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-shared-state/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-starter/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-travel/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-wait-user-input/ui directory: [minimatch](https://github.com/isaacs/minimatch) and [flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /infra directory: [minimatch](https://github.com/isaacs/minimatch).


Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `minimatch` from 9.0.5 to 9.0.9
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `dompurify` from 3.1.6 to 3.3.3
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.1.6...3.3.3)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `fast-xml-parser` from 4.5.0 to 4.5.4
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.5.0...v4.5.4)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `fast-xml-parser` from 4.5.0 to 4.5.4
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.5.0...v4.5.4)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `fast-xml-parser` from 4.5.0 to 4.5.4
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.5.0...v4.5.4)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `fast-xml-parser` from 4.5.0 to 4.5.4
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.5.0...v4.5.4)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `flatted` from 3.3.1 to 3.4.1
- [Commits](WebReflection/flatted@v3.3.1...v3.4.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 9.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: dompurify
  dependency-version: 3.3.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants