Skip to content

chore(deps): bump form-data from 4.0.5 to 4.0.6#33

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/form-data-4.0.6
Open

chore(deps): bump form-data from 4.0.5 to 4.0.6#33
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/form-data-4.0.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown
Contributor

Bumps form-data from 4.0.5 to 4.0.6.

Changelog

Sourced from form-data's changelog.

v4.0.6 - 2026-06-12

Commits

  • [Fix] escape CR, LF, and " in field names and filenames 8dff42c
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape f31d21e
  • [Deps] update hasown, mime-types 92ae0eb
  • [Dev Deps] update js-randomness-predictor 67b0f65
Commits
  • 64190db v4.0.6
  • 92ae0eb [Deps] update hasown, mime-types
  • f31d21e [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape
  • 8dff42c [Fix] escape CR, LF, and " in field names and filenames
  • 67b0f65 [Dev Deps] update js-randomness-predictor
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 21, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jun 21, 2026

Copy link
Copy Markdown

Deploying dtrader-template with  Cloudflare Pages  Cloudflare Pages

Latest commit: 85b071b
Status: ✅  Deploy successful!
Preview URL: https://80b50abd.dtrader-template.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-form.dtrader-template.pages.dev

View logs

@dependabot dependabot Bot added the javascript Pull requests that update javascript code label Jun 21, 2026
@github-actions

github-actions Bot commented Jun 21, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.
  • ⚠️ 1 packages with OpenSSF Scorecard issues.
See the Details below.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/fastest-levenshtein 1.0.16 ⚠️ 2.3
Details
CheckScoreReason
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ -1no dependencies found
Dangerous-Workflow⚠️ -1no workflows found
Binary-Artifacts🟢 10no binaries found in the repo
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review⚠️ 2Found 6/23 approved changesets -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/p-map 4.0.0 🟢 4.2
Details
CheckScoreReason
Code-Review🟢 4Found 12/30 approved changesets -- score normalized to 4
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 33 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/text-table 0.2.0 🟢 4.6
Details
CheckScoreReason
Maintained⚠️ 00 commit(s) out of 25 and 0 issue activity out of 11 found in the last 90 days -- score normalized to 0
Code-Review⚠️ 0no reviews found
CII-Best-Practices⚠️ 0no badge detected
Signed-Releases⚠️ -1no releases found
Vulnerabilities🟢 10no vulnerabilities detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 10tokens are read-only in GitHub workflows
Packaging⚠️ -1no published package detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Pinned-Dependencies🟢 10all dependencies are pinned
Security-Policy⚠️ 0security policy file not detected
Dependency-Update-Tool⚠️ 0no update tool detected
SAST⚠️ 0no SAST tool detected
Fuzzing⚠️ 0project is not fuzzed

Scanned Manifest Files

package-lock.json
  • form-data@4.0.5
  • fastest-levenshtein@1.0.16
  • form-data@4.0.6
  • p-map@4.0.0
  • rrweb-cssom@0.6.0
  • text-table@0.2.0
  • @emnapi/core@1.11.2
  • @emnapi/runtime@1.11.2
  • fastest-levenshtein@1.0.16
  • p-map@4.0.0
  • text-table@0.2.0

Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to 4.0.6.
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.5...v4.0.6)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 4.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants