build(deps): bump the npm_and_yarn group across 5 directories with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /pkgs/applications/editors/uivonim directory: electron.
Bumps the npm_and_yarn group with 1 update in the /pkgs/applications/networking/browsers/vieb directory: electron.
Bumps the npm_and_yarn group with 1 update in the /pkgs/applications/networking/instant-messengers/deltachat-desktop directory: electron.
Bumps the npm_and_yarn group with 1 update in the /pkgs/applications/office/micropad directory: electron.
Bumps the npm_and_yarn group with 1 update in the /pkgs/tools/admin/pgadmin directory: handlebars.

Updates electron from 12.0.9 to 39.8.4

Release notes

Sourced from electron's releases.

electron v39.8.4

Release Notes for v39.8.4

Fixes

• Fixed an issue where nodeIntegrationInWorker overrides in setWindowOpenHandler were not honored for child windows sharing a renderer process with their opener. #50468 (Also in 38, 40, 41)
• Fixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. #50400 (Also in 40, 41, 42)
• Fixed improper focus tracking in BaseWindow on MacOS. #50338 (Also in 40, 41, 42)
• Fixed window freeze when failing to enter/exit fullscreen on macOS. #50341 (Also in 40, 41, 42)

Other Changes

• Added support for using a proxy during yarn install. #50349 (Also in 40, 41, 42)
• Backported fix for 485935305. #50440
• Backported fix for 489381399. #50443
• Backported fix for chromium:475877320. #50436
• Backported fixes for 484751092, 487117772. #50461

electron v39.8.3

Release Notes for v39.8.3

Fixes

• Added additional ASAR support to additional fs copy methods. #50284 (Also in 40, 41, 42)
• Fixed user resizing of transparent windows on win32 platform. #50300 (Also in 40, 41, 42)

electron v39.8.2

Release Notes for v39.8.2

Other Changes

• Backported fix for b/491421267. #50230

electron v39.8.1

Release Notes for v39.8.1

Fixes

• Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. #50156 (Also in 38, 40, 41)
• Fixed an issue on macOS where calling autoUpdater.quitAndInstall() could fail if checkForUpdates() was called again after an update was already downloaded. #50215 (Also in 40, 41)
• Fixed an issue where Chrome Devtools menus may not appear in certain embedded windows. #50136 (Also in 40, 41)
• Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event. #50174 (Also in 38, 40, 41)
• Fixed an issue where screen.getCursorScreenPoint() crashed on Wayland when it was called before a BrowserWindow had been created. #50106 (Also in 40, 41)
• Fixed an issue where calling setBounds on a WebContentsView could trigger redundant page-favicon-updated events even when the favicon had not changed. #50086 (Also in 40, 41)
• Fixed an issue where invalid characters in custom protocol or webRequest response header values were not rejected. #50129 (Also in 38, 40, 41)
• Fixed an issue where permission and device-chooser handlers received the top-level page origin instead of the requesting subframe's origin. #50147 (Also in 38, 40, 41)
• Fixed an issue where traffic light buttons would flash at position (0,0) when restoring a window with a custom trafficLightPosition from minimization on macOS. #50208 (Also in 40, 41)
• Fixed bug where opening a message box immediately upon closing a child window may cause the parent window to freeze on Windows. #50190 (Also in 40, 41)
• Fixed menu bar hiding after a call to win.setFullScreen(false) when not in fullscreen on Linux. #49995 (Also in 40, 41)
• Fixed shutdown crash on windows when hidden titlebar is enabled. #50054 (Also in 40, 41)
• Reverted AltGr key fix that caused menu bar to no longer show on Windows. #50109 (Also in 40, 41)

... (truncated)

Commits

• 7007907 chore: cherry-pick 3 changes from chromium (#50461)
• 2c8b6ee chore: cherry-pick fbfb27470bf6 from chromium (#50436)
• 4c64377 chore: cherry-pick 50b057660b4d from chromium (#50440)
• 0ef0561 fix: read nodeIntegrationInWorker from per-frame WebPreferences (#50122) (#50...
• 64373df chore: cherry-pick 074d472db745 from chromium (#50443)
• 13e4407 fix: don't re-parse URL unnecessarily when handling dialogs (#50400)
• 16a0385 ci: output build cache hit rate as GHA annotation (#50369)
• 00a492d chore: Respect HTTP(S) proxy env variable for Yarn (#50349)
• 290a77b fix: correctly track BaseWindow::IsActive() on MacOS (#50338)
• 87baa17 fix: ensure WebContents::WasShown runs when window is shown (#50341)
• Additional commits viewable in compare view

Updates electron from 17.0.1 to 39.8.4

Release notes

Sourced from electron's releases.

electron v39.8.4

Release Notes for v39.8.4

Fixes

• Fixed an issue where nodeIntegrationInWorker overrides in setWindowOpenHandler were not honored for child windows sharing a renderer process with their opener. #50468 (Also in 38, 40, 41)
• Fixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. #50400 (Also in 40, 41, 42)
• Fixed improper focus tracking in BaseWindow on MacOS. #50338 (Also in 40, 41, 42)
• Fixed window freeze when failing to enter/exit fullscreen on macOS. #50341 (Also in 40, 41, 42)

Other Changes

• Added support for using a proxy during yarn install. #50349 (Also in 40, 41, 42)
• Backported fix for 485935305. #50440
• Backported fix for 489381399. #50443
• Backported fix for chromium:475877320. #50436
• Backported fixes for 484751092, 487117772. #50461

electron v39.8.3

Release Notes for v39.8.3

Fixes

• Added additional ASAR support to additional fs copy methods. #50284 (Also in 40, 41, 42)
• Fixed user resizing of transparent windows on win32 platform. #50300 (Also in 40, 41, 42)

electron v39.8.2

Release Notes for v39.8.2

Other Changes

• Backported fix for b/491421267. #50230

electron v39.8.1

Release Notes for v39.8.1

Fixes

• Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. #50156 (Also in 38, 40, 41)
• Fixed an issue on macOS where calling autoUpdater.quitAndInstall() could fail if checkForUpdates() was called again after an update was already downloaded. #50215 (Also in 40, 41)
• Fixed an issue where Chrome Devtools menus may not appear in certain embedded windows. #50136 (Also in 40, 41)
• Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event. #50174 (Also in 38, 40, 41)
• Fixed an issue where screen.getCursorScreenPoint() crashed on Wayland when it was called before a BrowserWindow had been created. #50106 (Also in 40, 41)
• Fixed an issue where calling setBounds on a WebContentsView could trigger redundant page-favicon-updated events even when the favicon had not changed. #50086 (Also in 40, 41)
• Fixed an issue where invalid characters in custom protocol or webRequest response header values were not rejected. #50129 (Also in 38, 40, 41)
• Fixed an issue where permission and device-chooser handlers received the top-level page origin instead of the requesting subframe's origin. #50147 (Also in 38, 40, 41)
• Fixed an issue where traffic light buttons would flash at position (0,0) when restoring a window with a custom trafficLightPosition from minimization on macOS. #50208 (Also in 40, 41)
• Fixed bug where opening a message box immediately upon closing a child window may cause the parent window to freeze on Windows. #50190 (Also in 40, 41)
• Fixed menu bar hiding after a call to win.setFullScreen(false) when not in fullscreen on Linux. #49995 (Also in 40, 41)
• Fixed shutdown crash on windows when hidden titlebar is enabled. #50054 (Also in 40, 41)
• Reverted AltGr key fix that caused menu bar to no longer show on Windows. #50109 (Also in 40, 41)

... (truncated)

Commits

• 7007907 chore: cherry-pick 3 changes from chromium (#50461)
• 2c8b6ee chore: cherry-pick fbfb27470bf6 from chromium (#50436)
• 4c64377 chore: cherry-pick 50b057660b4d from chromium (#50440)
• 0ef0561 fix: read nodeIntegrationInWorker from per-frame WebPreferences (#50122) (#50...
• 64373df chore: cherry-pick 074d472db745 from chromium (#50443)
• 13e4407 fix: don't re-parse URL unnecessarily when handling dialogs (#50400)
• 16a0385 ci: output build cache hit rate as GHA annotation (#50369)
• 00a492d chore: Respect HTTP(S) proxy env variable for Yarn (#50349)
• 290a77b fix: correctly track BaseWindow::IsActive() on MacOS (#50338)
• 87baa17 fix: ensure WebContents::WasShown runs when window is shown (#50341)
• Additional commits viewable in compare view

Updates electron from 18.3.15 to 41.1.1

Release notes

Sourced from electron's releases.

electron v39.8.4

Release Notes for v39.8.4

Fixes

• Fixed an issue where nodeIntegrationInWorker overrides in setWindowOpenHandler were not honored for child windows sharing a renderer process with their opener. #50468 (Also in 38, 40, 41)
• Fixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. #50400 (Also in 40, 41, 42)
• Fixed improper focus tracking in BaseWindow on MacOS. #50338 (Also in 40, 41, 42)
• Fixed window freeze when failing to enter/exit fullscreen on macOS. #50341 (Also in 40, 41, 42)

Other Changes

• Added support for using a proxy during yarn install. #50349 (Also in 40, 41, 42)
• Backported fix for 485935305. #50440
• Backported fix for 489381399. #50443
• Backported fix for chromium:475877320. #50436
• Backported fixes for 484751092, 487117772. #50461

electron v39.8.3

Release Notes for v39.8.3

Fixes

• Added additional ASAR support to additional fs copy methods. #50284 (Also in 40, 41, 42)
• Fixed user resizing of transparent windows on win32 platform. #50300 (Also in 40, 41, 42)

electron v39.8.2

Release Notes for v39.8.2

Other Changes

• Backported fix for b/491421267. #50230

electron v39.8.1

Release Notes for v39.8.1

Fixes

• Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. #50156 (Also in 38, 40, 41)
• Fixed an issue on macOS where calling autoUpdater.quitAndInstall() could fail if checkForUpdates() was called again after an update was already downloaded. #50215 (Also in 40, 41)
• Fixed an issue where Chrome Devtools menus may not appear in certain embedded windows. #50136 (Also in 40, 41)
• Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event. #50174 (Also in 38, 40, 41)
• Fixed an issue where screen.getCursorScreenPoint() crashed on Wayland when it was called before a BrowserWindow had been created. #50106 (Also in 40, 41)
• Fixed an issue where calling setBounds on a WebContentsView could trigger redundant page-favicon-updated events even when the favicon had not changed. #50086 (Also in 40, 41)
• Fixed an issue where invalid characters in custom protocol or webRequest response header values were not rejected. #50129 (Also in 38, 40, 41)
• Fixed an issue where permission and device-chooser handlers received the top-level page origin instead of the requesting subframe's origin. #50147 (Also in 38, 40, 41)
• Fixed an issue where traffic light buttons would flash at position (0,0) when restoring a window with a custom trafficLightPosition from minimization on macOS. #50208 (Also in 40, 41)
• Fixed bug where opening a message box immediately upon closing a child window may cause the parent window to freeze on Windows. #50190 (Also in 40, 41)
• Fixed menu bar hiding after a call to win.setFullScreen(false) when not in fullscreen on Linux. #49995 (Also in 40, 41)
• Fixed shutdown crash on windows when hidden titlebar is enabled. #50054 (Also in 40, 41)
• Reverted AltGr key fix that caused menu bar to no longer show on Windows. #50109 (Also in 40, 41)

... (truncated)

Commits

• 7007907 chore: cherry-pick 3 changes from chromium (#50461)
• 2c8b6ee chore: cherry-pick fbfb27470bf6 from chromium (#50436)
• 4c64377 chore: cherry-pick 50b057660b4d from chromium (#50440)
• 0ef0561 fix: read nodeIntegrationInWorker from per-frame WebPreferences (#50122) (#50...
• 64373df chore: cherry-pick 074d472db745 from chromium (#50443)
• 13e4407 fix: don't re-parse URL unnecessarily when handling dialogs (#50400)
• 16a0385 ci: output build cache hit rate as GHA annotation (#50369)
• 00a492d chore: Respect HTTP(S) proxy env variable for Yarn (#50349)
• 290a77b fix: correctly track BaseWindow::IsActive() on MacOS (#50338)
• 87baa17 fix: ensure WebContents::WasShown runs when window is shown (#50341)
• Additional commits viewable in compare view

Updates electron from 17.1.2 to 39.8.4

Release notes

Sourced from electron's releases.

electron v39.8.4

Release Notes for v39.8.4

Fixes

• Fixed an issue where nodeIntegrationInWorker overrides in setWindowOpenHandler were not honored for child windows sharing a renderer process with their opener. #50468 (Also in 38, 40, 41)
• Fixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. #50400 (Also in 40, 41, 42)
• Fixed improper focus tracking in BaseWindow on MacOS. #50338 (Also in 40, 41, 42)
• Fixed window freeze when failing to enter/exit fullscreen on macOS. #50341 (Also in 40, 41, 42)

Other Changes

• Added support for using a proxy during yarn install. #50349 (Also in 40, 41, 42)
• Backported fix for 485935305. #50440
• Backported fix for 489381399. #50443
• Backported fix for chromium:475877320. #50436
• Backported fixes for 484751092, 487117772. #50461

electron v39.8.3

Release Notes for v39.8.3

Fixes

• Added additional ASAR support to additional fs copy methods. #50284 (Also in 40, 41, 42)
• Fixed user resizing of transparent windows on win32 platform. #50300 (Also in 40, 41, 42)

electron v39.8.2

Release Notes for v39.8.2

Other Changes

• Backported fix for b/491421267. #50230

electron v39.8.1

Release Notes for v39.8.1

Fixes

• Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. #50156 (Also in 38, 40, 41)
• Fixed an issue on macOS where calling autoUpdater.quitAndInstall() could fail if checkForUpdates() was called again after an update was already downloaded. #50215 (Also in 40, 41)
• Fixed an issue where Chrome Devtools menus may not appear in certain embedded windows. #50136 (Also in 40, 41)
• Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event. #50174 (Also in 38, 40, 41)
• Fixed an issue where screen.getCursorScreenPoint() crashed on Wayland when it was called before a BrowserWindow had been created. #50106 (Also in 40, 41)
• Fixed an issue where calling setBounds on a WebContentsView could trigger redundant page-favicon-updated events even when the favicon had not changed. #50086 (Also in 40, 41)
• Fixed an issue where invalid characters in custom protocol or webRequest response header values were not rejected. #50129 (Also in 38, 40, 41)
• Fixed an issue where permission and device-chooser handlers received the top-level page origin instead of the requesting subframe's origin. #50147 (Also in 38, 40, 41)
• Fixed an issue where traffic light buttons would flash at position (0,0) when restoring a window with a custom trafficLightPosition from minimization on macOS. #50208 (Also in 40, 41)
• Fixed bug where opening a message box immediately upon closing a child window may cause the parent window to freeze on Windows. #50190 (Also in 40, 41)
• Fixed menu bar hiding after a call to win.setFullScreen(false) when not in fullscreen on Linux. #49995 (Also in 40, 41)
• Fixed shutdown crash on windows when hidden titlebar is enabled. #50054 (Also in 40, 41)
• Reverted AltGr key fix that caused menu bar to no longer show on Windows. #50109 (Also in 40, 41)

... (truncated)

Commits

• 7007907 chore: cherry-pick 3 changes from chromium (#50461)
• 2c8b6ee chore: cherry-pick fbfb27470bf6 from chromium (#50436)
• 4c64377 chore: cherry-pick 50b057660b4d from chromium (#50440)
• 0ef0561 fix: read nodeIntegrationInWorker from per-frame WebPreferences (#50122) (#50...
• 64373df chore: cherry-pick 074d472db745 from chromium (#50443)
• 13e4407 fix: don't re-parse URL unnecessarily when handling dialogs (#50400)
• 16a0385 ci: output build cache hit rate as GHA annotation (#50369)
• 00a492d chore: Respect HTTP(S) proxy env variable for Yarn (#50349)
• 290a77b fix: correctly track BaseWindow::IsActive() on MacOS (#50338)
• 87baa17 fix: ensure WebContents::WasShown runs when window is shown (#50341)
• Additional commits viewable in compare view

Updates handlebars from 4.7.7 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

• fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
• fix type "RuntimeOptions" also accepting string partials - eab1d14
• feat(types): set hash to be a Record<string, any> - de4414d
• fix non-contiguous program indices - 4512766
• refactor: rename i to startPartIndex - e497a35
• security: fix security issues - 68d8df5
  • GHSA-2w6w-674q-4c4q
  • GHSA-3mfm-83xf-c92r
  • GHSA-xhpv-hc6g-r9c6
  • GHSA-xjpj-3mr7-gcpf
  • GHSA-9cx6-37pm-9jff
  • GHSA-2qvq-rjwj-gvw9
  • GHSA-7rx3-28cr-v5wh
  • GHSA-442j-39wm-28r2

Commits

v4.7.8

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

• fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
• fix type "RuntimeOptions" also accepting string partials - eab1d14
• feat(types): set hash to be a Record<string, any> - de4414d
• fix non-contiguous program indices - 4512766
• refactor: rename i to startPartIndex - e497a35
• security: fix security issues - 68d8df5

Commits

v4.7.8 - July 27th, 2023

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Commits

• dce542c v4.7.9
• 8a41389 Update release notes
• 68d8df5 Fix security issues
• b2a0831 Fix browser tests
• 9f98c16 Fix release script
• 45443b4 Revert "Improve partial indenting performance"
• 8841a5f Fix CI errors with linting
• e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
• e914d60 Improve rendering performance
• 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.