Skip to content

chore(deps): bump form-data from 4.0.4 to 4.0.6#1288

Merged
rzhao271 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/form-data-4.0.6
Jun 17, 2026
Merged

chore(deps): bump form-data from 4.0.4 to 4.0.6#1288
rzhao271 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/form-data-4.0.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 17, 2026

Copy link
Copy Markdown
Contributor

Bumps form-data from 4.0.4 to 4.0.6.

Changelog

Sourced from form-data's changelog.

v4.0.6 - 2026-06-12

Commits

  • [Fix] escape CR, LF, and " in field names and filenames 8dff42c
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape f31d21e
  • [Deps] update hasown, mime-types 92ae0eb
  • [Dev Deps] update js-randomness-predictor 67b0f65

v4.0.5 - 2025-11-17

Commits

  • [Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076
  • [Dev Deps] update @ljharb/eslint-config, eslint 5822467
  • [Fix] set Symbol.toStringTag in the proper place 76d0dee
Commits
  • 64190db v4.0.6
  • 92ae0eb [Deps] update hasown, mime-types
  • f31d21e [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape
  • 8dff42c [Fix] escape CR, LF, and " in field names and filenames
  • 67b0f65 [Dev Deps] update js-randomness-predictor
  • 68ff7dd v4.0.5
  • 5822467 [Dev Deps] update @ljharb/eslint-config, eslint
  • 76d0dee [Fix] set Symbol.toStringTag in the proper place
  • 16e0076 [Tests] Switch to newer v8 prediction library; enable node 24 testing
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [form-data](https://github.com/form-data/form-data) from 4.0.4 to 4.0.6.
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.4...v4.0.6)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 4.0.6
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 17, 2026
@vs-code-engineering vs-code-engineering Bot requested a review from rzhao271 June 17, 2026 21:32
@rzhao271 rzhao271 added this to the 1.126.0 milestone Jun 17, 2026
@rzhao271 rzhao271 merged commit 616527c into main Jun 17, 2026
5 checks passed
@rzhao271 rzhao271 deleted the dependabot/npm_and_yarn/form-data-4.0.6 branch June 17, 2026 22:33
Mopsgamer added a commit to Mopsgamer/vscode-vsce that referenced this pull request Jul 14, 2026
commit 616527c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Jun 17 15:33:56 2026 -0700

    chore(deps): bump form-data from 4.0.4 to 4.0.6 (microsoft#1288)

    Bumps [form-data](https://github.com/form-data/form-data) from 4.0.4 to 4.0.6.
    - [Release notes](https://github.com/form-data/form-data/releases)
    - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
    - [Commits](form-data/form-data@v4.0.4...v4.0.6)

    ---
    updated-dependencies:
    - dependency-name: form-data
      dependency-version: 4.0.6
      dependency-type: direct:production
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit b4de287
Merge: 17bf3e3 55504fe
Author: Benjamin Christopher Simmonds <44439583+benibenj@users.noreply.github.com>
Date:   Wed Jun 17 23:28:47 2026 +0200

    Merge pull request microsoft#1287 from microsoft/dependabot/npm_and_yarn/markdown-it-14.2.0

    chore(deps): bump markdown-it from 14.1.1 to 14.2.0

commit 55504fe
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Jun 17 21:25:48 2026 +0000

    chore(deps): bump markdown-it from 14.1.1 to 14.2.0

    Bumps [markdown-it](https://github.com/markdown-it/markdown-it) from 14.1.1 to 14.2.0.
    - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md)
    - [Commits](markdown-it/markdown-it@14.1.1...14.2.0)

    ---
    updated-dependencies:
    - dependency-name: markdown-it
      dependency-version: 14.2.0
      dependency-type: direct:production
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit 17bf3e3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Jun 15 16:46:02 2026 +0000

    chore(deps): bump tmp from 0.2.6 to 0.2.7 (microsoft#1284)

    Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.6 to 0.2.7.
    - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
    - [Commits](raszi/node-tmp@v0.2.6...v0.2.7)

    ---
    updated-dependencies:
    - dependency-name: tmp
      dependency-version: 0.2.7
      dependency-type: direct:production
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit f7501f2
Author: Raymond Zhao <7199958+rzhao271@users.noreply.github.com>
Date:   Wed Jun 3 11:41:14 2026 -0700

    fix: skip APIScan (microsoft#1283)

commit 7cd3244
Author: Raymond Zhao <7199958+rzhao271@users.noreply.github.com>
Date:   Wed Jun 3 10:41:25 2026 -0700

    chore: bump CI to Node 22 and fix build (microsoft#1282)

commit df1a68e
Author: Copilot <198982749+Copilot@users.noreply.github.com>
Date:   Mon Jun 1 20:50:50 2026 +0200

    Bump the `uuid` test fixture version to `100.0.0` (microsoft#1279)

    * Initial plan

    * test: bump uuid fixture version

    * chore: remove temporary validation logs

    ---------

    Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>

commit 3a5786e
Merge: 54dce87 4954e08
Author: Benjamin Christopher Simmonds <44439583+benibenj@users.noreply.github.com>
Date:   Thu May 28 14:57:39 2026 +0200

    Merge pull request microsoft#1278 from microsoft/dependabot/npm_and_yarn/tmp-0.2.6

    Bump tmp from 0.2.4 to 0.2.6

commit 4954e08
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu May 28 03:03:20 2026 +0000

    Bump tmp from 0.2.4 to 0.2.6

    Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.4 to 0.2.6.
    - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
    - [Commits](raszi/node-tmp@v0.2.4...v0.2.6)

    ---
    updated-dependencies:
    - dependency-name: tmp
      dependency-version: 0.2.6
      dependency-type: direct:production
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit 54dce87
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri May 22 19:09:50 2026 +0000

    Bump qs from 6.14.2 to 6.15.2 (microsoft#1277)

    Bumps [qs](https://github.com/ljharb/qs) from 6.14.2 to 6.15.2.
    - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
    - [Commits](ljharb/qs@v6.14.2...v6.15.2)

    ---
    updated-dependencies:
    - dependency-name: qs
      dependency-version: 6.15.2
      dependency-type: indirect
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 86fc2d6
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu May 21 14:33:54 2026 -0700

    Bump uuid and @azure/msal-node (microsoft#1276)

    Removes [uuid](https://github.com/uuidjs/uuid). It's no longer used after updating ancestor dependency [@azure/msal-node](https://github.com/AzureAD/microsoft-authentication-library-for-js). These dependencies need to be updated together.

    Removes `uuid`

    Updates `@azure/msal-node` from 5.1.2 to 5.2.2
    - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases)
    - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-node-v5.1.2...msal-node-v5.2.2)

    ---
    updated-dependencies:
    - dependency-name: uuid
      dependency-version:
      dependency-type: indirect
    - dependency-name: "@azure/msal-node"
      dependency-version: 5.2.2
      dependency-type: indirect
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 4699582
Author: Copilot <198982749+Copilot@users.noreply.github.com>
Date:   Wed May 13 17:11:35 2026 -0700

    Run npm audit fix and update lockfile (microsoft#1274)

    Agent-Logs-Url: https://github.com/microsoft/vscode-vsce/sessions/f2316742-5e81-44c7-ad59-2785c896ae92

    Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
    Co-authored-by: rzhao271 <7199958+rzhao271@users.noreply.github.com>

commit e003a0a
Merge: 7a3c1c7 74ab7a9
Author: Benjamin Christopher Simmonds <44439583+benibenj@users.noreply.github.com>
Date:   Mon May 11 10:18:39 2026 +0200

    Merge pull request microsoft#1272 from microsoft/dependabot/npm_and_yarn/fast-uri-3.1.2

    Bump fast-uri from 3.0.6 to 3.1.2

commit 74ab7a9
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri May 8 22:03:21 2026 +0000

    Bump fast-uri from 3.0.6 to 3.1.2

    Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.0.6 to 3.1.2.
    - [Release notes](https://github.com/fastify/fast-uri/releases)
    - [Commits](fastify/fast-uri@v3.0.6...v3.1.2)

    ---
    updated-dependencies:
    - dependency-name: fast-uri
      dependency-version: 3.1.2
      dependency-type: indirect
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant