Skip to content

build(deps): bump nanotar from 0.2.0 to 0.3.0 in the dependencies group#626

Merged
tylerbutler merged 1 commit intomainfrom
dependabot-npm_and_yarn-dependencies-96a9de8fd5
Feb 14, 2026
Merged

build(deps): bump nanotar from 0.2.0 to 0.3.0 in the dependencies group#626
tylerbutler merged 1 commit intomainfrom
dependabot-npm_and_yarn-dependencies-96a9de8fd5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 12, 2026
edited
Loading

Bumps the dependencies group with 1 update: nanotar.

Updates nanotar from 0.2.0 to 0.3.0

Release notes

Sourced from nanotar's releases.

v0.3.0

compare changes

Changes in #31 also backported to v0.2.1; however, it WAS NOT a security issue (see #59 for appeal).

🚀 Enhancements

  • parse: ⚠️ Support extended item types and headers (#30)
  • parse: Handle long file names (#31)

🩹 Fixes

  • Sanitise paths (#58)

✅ Tests

  • Add additional tests for different formats (f13b802)
  • Update fixture (6fa56df)

❤️ Contributors

Changelog

Sourced from nanotar's changelog.

v0.3.0

compare changes

🚀 Enhancements

  • parse: ⚠️ Support extended item types and headers (#30)
  • parse: Handle long file names (#31)

🩹 Fixes

  • Sanitise paths (#58)

🏡 Chore

✅ Tests

  • Add additional tests for different formats (f13b802)
  • Update fixture (6fa56df)

⚠️ Breaking Changes

  • parse: ⚠️ Support extended item types and headers (#30)

❤️ Contributors

Commits
  • 32ffc34 chore(release): v0.3.0
  • 322f967 fix: sanitise paths (#58)
  • a52e49e chore(deps): update devdependency @​types/node to ^22.19.1 (#52)
  • d7feb9f chore(deps): update all non-major dependencies (#48)
  • e7138db chore(deps): update all non-major dependencies (#47)
  • a7d7452 chore(deps): update all non-major dependencies (#44)
  • d36693d chore(deps): update all non-major dependencies (#43)
  • 2872f34 chore(deps): update all non-major dependencies (#41)
  • 0649ee1 chore(deps): update autofix-ci/action digest to 635ffb0 (#42)
  • 4fe65ab chore(deps): update devdependency vitest to v3.0.5 [security] (#37)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 12, 2026
@changeset-bot
Copy link

changeset-bot bot commented Feb 12, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 71d1695

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@codecov
Copy link

codecov bot commented Feb 12, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@dependabot
build(deps): bump nanotar from 0.2.0 to 0.3.0 in the dependencies group
71d1695 
Bumps the dependencies group with 1 update: [nanotar](https://github.com/unjs/nanotar).


Updates `nanotar` from 0.2.0 to 0.3.0
- [Release notes](https://github.com/unjs/nanotar/releases)
- [Changelog](https://github.com/unjs/nanotar/blob/main/CHANGELOG.md)
- [Commits](unjs/nanotar@v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: nanotar
  dependency-version: 0.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot-npm_and_yarn-dependencies-96a9de8fd5 branch from 16a8e44 to 71d1695 Compare February 13, 2026 21:11
@tylerbutler tylerbutler merged commit 095398c into main Feb 14, 2026
16 checks passed
@tylerbutler tylerbutler deleted the dependabot-npm_and_yarn-dependencies-96a9de8fd5 branch February 14, 2026 04:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tylerbutler