Bump mathjs from 9.4.3 to 15.2.0

[dependabot]

Bumps mathjs from 9.4.3 to 15.2.0.

Changelog

Sourced from mathjs's changelog.

2026-04-07, 15.2.0

• Feat: Add amp-hour charge unit Ah (#3617). Thanks @​adrfantini.
• Feat: #3595 implement num and den functions returning the parts of a fraction (#3605). Thanks @​AnslemHack.
• Fix: Provide TypeScript types for [and/or]TransformDependencies (#3639). Thanks @​NilsDietrich.
• Fix: two security vulnerabilities that allowed executing arbitrary JavaScript via the expression parser. Thanks @​CykuTW for finding and reporting them.

2026-02-10, 15.1.1

• Fix: #3631 Handle bigints in compareNatural (#3632). Thanks @​Dheemanth07.
• Fix: #3578 interpret empty true-expr of conditional as error (#3581). Thanks @​gwhitney.
• Fix: #3597 added nullish type definitions (#3601). Thanks @​Ayo1984.
• Docs: Correct several arithmetic and relational documentation examples and add History (#3630). Thanks @​Anadian.
• Docs: fix #3565, update Matrix documentation (#3591). Thanks @​orelbn.
• Docs: #3341 add per-function HISTORY sections (#3606). Thanks @​gwhitney.
• Docs: describe that setDistinct sorts the elements (see #3602).

2025-11-05, 15.1.0

• Feat: implement functions isFinite and isBounded (#3554, #3553). Thanks @​gwhitney.
• Feat: add function bernoulli to calculate Bernoulli numbers (#3551). Thanks @​gwhitney.
• Feat: support for optional chaining object?.key (#3547). Thanks @​NilsDietrich.
• Fix: #3580, #3586, #3587 issues with the optional chaining operator: disallow double dot ?.., allow optional function calls, throw errors on invalid uses of ?. (#3585). Thanks @​AnslemHack.
• Fix: #3579 conditional parsed as optional chaining (#3584).
• Fix: #3564 Avoid error throws when mapping/filtering empty arrays/matrices. (#3567). Thanks @​richardt-cla.
• Fix: #3574 respect tolerances in function isInteger (#3575). Thanks @​gwhitney.
• Fix: #3562 serializing units missing an internal property (#3572).

2025-10-10, 15.0.0

!!! BE CAREFUL: BREAKING CHANGES !!!

• Feat: #3349 Decouple precedence of unary percentage operator and binary modulus operator (that both use symbol %), and raise the former (#3432). Thanks @​kiprobinsonknack.
• Feat: #1753 enhance Kronecker product to handle arbitrary dimension (#3461, #3455). Thanks @​gwhitney and @​Delaney.
• Feat: #2344 matrix subset according to the type of input (#3485).

... (truncated)

Commits

• fee4561 chore: publish v15.2.0
• 139dcab chore: update history
• 0aee2f6 fix: two security vulnerabilities allowing execution of arbitrary JavaScript ...
• f7c10b1 feat: Fraction numerator and denominator helper functions (#3605)
• 2066220 feat: Add Ah charge unit (#3617)
• 685da0f chore: Add andTransformDependencies and orTransformDependencies to index.d.ts...
• 8fe12e5 docs: update links to TestMu AI
• e50b18b chore: fix linting issues
• e910b54 chore: publish v15.1.1
• ed10f50 chore: run npm audit fix
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[marado]

This is clearly not enough, the version limit is there for a reason...

[marado]

As pointed out in a pull request to the advisory, I don't believe that the advisory is right in flagging mathjs versions <9.4.4 (which we depend on) as vulnerable.

I'm not closing the PR yet, until that one remains unmerged.

[marado]

With the change to the advisory it is confirmed that the security issues do not affect the mathjs versions accepted in TalkerNode, and thus this PR is not needed. Closing.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.