Skip to content

chore(deps-dev): bump svgo from 3.3.2 to 3.3.3#1737

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/svgo-3.3.3
Open

chore(deps-dev): bump svgo from 3.3.2 to 3.3.3#1737
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/svgo-3.3.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 5, 2026
edited
Loading

Bumps svgo from 3.3.2 to 3.3.3.

Release notes

Sourced from svgo's releases.

v3.3.3

What's Changed

Dependencies

  • Migrates from our unsupported fork of sax (@​trysound/sax) to the upstream version of sax (sax).

Bug Fixes

  • No longer throws error when encountering comments in DTD.

Metrics

Before and after of the browser bundle of each respective version:

v3.3.2 v3.3.3 Delta
svgo.browser.js 910.9 kB 912.9 kB ⬆️ 2 kB

Support

SVGO v3 is not officially supported, please consider upgrading to SVGO v4 instead. We've backported this fix as there are security implications, but there is no commitment to do this for more complex changes in future.

Consider reading our Migration Guide from v3 to v4 which should ease the process.

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 5, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 5, 2026

Labels

The following labels could not be found: dependabot. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from a team as a code owner March 5, 2026 01:14
@dependabot dependabot bot requested review from reazy015 and removed request for a team March 5, 2026 01:14
@dependabot
chore(deps-dev): bump svgo from 3.3.2 to 3.3.3
f601b73 
Bumps [svgo](https://github.com/svg/svgo) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/svg/svgo/releases)
- [Commits](svg/svgo@v3.3.2...v3.3.3)

---
updated-dependencies:
- dependency-name: svgo
  dependency-version: 3.3.3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/svgo-3.3.3 branch from 707f134 to f601b73 Compare March 30, 2026 08:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reazy015 reazy015 Awaiting requested review from reazy015 reazy015 is a code owner automatically assigned from diplodoc-platform/team

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants