From 94668bebea472df65f2fa4f73c336a26e57cc263 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 27 Mar 2026 00:17:34 +0000
Subject: [PATCH] chore(deps-dev): Bump handlebars from 4.7.8 to 4.7.9 (#1749)
Bumps [handlebars](https://github.com/handlebars-lang/handlebars.js)
from 4.7.8 to 4.7.9.
Release notes
Sourced from handlebars's
releases.
v4.7.9
- fix: enable shell mode for spawn to resolve Windows EINVAL issue -
e0137c2
- fix type "RuntimeOptions" also accepting string partials -
eab1d14
- feat(types): set
hash to be a Record<string,
any> - de4414d
- fix non-contiguous program indices - 4512766
- refactor: rename i to startPartIndex - e497a35
- security: fix security issues - 68d8df5
Commits
Changelog
Sourced from handlebars's
changelog.
v4.7.9 - March 26th, 2026
- fix: enable shell mode for spawn to resolve Windows EINVAL issue -
e0137c2
- fix type "RuntimeOptions" also accepting string partials -
eab1d14
- feat(types): set
hash to be a Record<string,
any> - de4414d
- fix non-contiguous program indices - 4512766
- refactor: rename i to startPartIndex - e497a35
- security: fix security issues - 68d8df5
Commits
Commits
dce542c
v4.7.98a41389
Update release notes68d8df5
Fix security issuesb2a0831
Fix browser tests9f98c16
Fix release script45443b4
Revert "Improve partial indenting performance"8841a5f
Fix CI errors with lintinge0137c2
fix: enable shell mode for spawn to resolve Windows EINVAL issuee914d60
Improve rendering performance7de4b41
Upgrade GitHub Actions checkout and setup-node on 4.x branch- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 70d5aec7..1dccfd1b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7822,9 +7822,9 @@
"license": "MIT"
},
"node_modules/handlebars": {
- "version": "4.7.8",
- "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.8.tgz",
- "integrity": "sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==",
+ "version": "4.7.9",
+ "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.9.tgz",
+ "integrity": "sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==",
"dev": true,
"license": "MIT",
"dependencies": {