Skip to content

chore(deps): Bump handlebars from 4.7.7 to 4.7.9#3840

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/handlebars-4.7.9
Open

chore(deps): Bump handlebars from 4.7.7 to 4.7.9#3840
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/handlebars-4.7.9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 27, 2026

Bumps handlebars from 4.7.7 to 4.7.9.

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

v4.7.8

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

v4.7.8 - July 27th, 2023

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): Bump handlebars from 4.7.7 to 4.7.9
a9b2b69 
Bumps [handlebars](https://github.com/handlebars-lang/handlebars.js) from 4.7.7 to 4.7.9.
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.7...v4.7.9)

---
updated-dependencies:
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 27, 2026
@jaclynjessup jaclynjessup moved this to 👀 In review in Canvas Kit Mar 27, 2026
@cypress
Copy link
Copy Markdown

cypress bot commented Mar 27, 2026
edited
Loading

Workday/canvas-kit    Run #10537

Run Properties:  status check passed Passed #10537  •  git commit bde55cbf97 ℹ️: Merge a9b2b69f12e1d67ca070b692960d31dce6680016 into 7235a397c9f49a8ef929c793b232...
Project Workday/canvas-kit
Branch Review dependabot/npm_and_yarn/handlebars-4.7.9
Run status status check passed Passed #10537
Run duration 02m 21s
Commit git commit bde55cbf97 ℹ️: Merge a9b2b69f12e1d67ca070b692960d31dce6680016 into 7235a397c9f49a8ef929c793b232...
Committer dependabot[bot]
View all properties for this run ↗︎
Test results
Tests that failed  Failures 0
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 86
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 850
View all changes introduced in this branch ↗︎
UI Coverage  19.36%
  Untested elements 1539  
  Tested elements 367  
Accessibility  99.33%
  Failed rules  6 critical   5 serious   0 moderate   2 minor
  Failed elements 77  

@alanbsmith alanbsmith enabled auto-merge (squash) March 30, 2026 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alanbsmith alanbsmith alanbsmith approved these changes

Assignees

No one assigned

Labels

automerge dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

Canvas Kit
Status: 👀 In review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alanbsmith @jaclynjessup