Skip to content

Comments

Bump bn.js and brunch in /assets#36

Open
dependabot[bot] wants to merge 1 commit intoyolofrom
dependabot/npm_and_yarn/assets/multi-ba0752bec9
Open

Bump bn.js and brunch in /assets#36
dependabot[bot] wants to merge 1 commit intoyolofrom
dependabot/npm_and_yarn/assets/multi-ba0752bec9

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 21, 2026

Bumps bn.js to 5.2.3 and updates ancestor dependency brunch. These dependencies need to be updated together.

Updates bn.js from 4.12.2 to 5.2.3

Release notes

Sourced from bn.js's releases.

v5.2.1

  • fix: serious issue in .toString(16) (#295)

v5.2.0

  • fix: Buffer not using global in browser (#260)
  • fix: LE constructor for HEX (#265)

v5.1.3

  • Add support for defined but not implemented Symbol.for (#252)

v5.1.2

  • Fix BN v5/v4 interoperability issue (#249)

v5.1.1

  • Temporary workaround for BN#_move (#236)
  • Add eslintrc instead config in package.json (#237)

v5.1.0

  • Benchmark for BigInt (#226)
  • Add documentation for max/min (#232)
  • Update BN#inspect for Symbols (#225)
  • Improve performance of toArrayLike (#222)
  • temporary disable jumboMulTo in BN#mulTo (#221)
  • optimize toBitArray function (#212)
  • fix iaddn sign issue (#216)

v5.0.0

  • travis: update node versions (#205)
  • Refactor buffer constructor (#200)
  • lib: fix for negative numbers: imuln, modrn, idivn (#185)
  • bn: fix Red#imod (#178)
  • check unexpected high bits for invalid characters (#173)
  • document support very large integers (#158)
  • only define toBuffer if Buffer is defined (#172)
  • lib: better validation of string input (#151)
  • tests: reject decimal input in constructor (#91)
  • bn: make .strip() an internal method (#105)
  • lib: deprecate .modn() introduce .modrn() (#112 #129 #130)
  • bn: don't accept invalid characters (#141)
  • package: use files insteadof .npmignore (#152)
  • bn: improve allocation speed for buffers (#167)
  • toJSON to default to interoperable hex (length % 2) (#164)
Changelog

Sourced from bn.js's changelog.

5.2.3 / 2026-02-19

  • fix: imaskn state (#317)

5.2.2 / 2025-04-25

  • fix: imuln/muln with zero (#313)

5.2.1 / 2022-02-23

  • fix: serious issue in .toString(16) (#295)

5.2.0 / 2021-02-23

  • fix: Buffer not using global in browser (#260)
  • Fix LE constructor for HEX (#265)

5.1.3 / 2020-08-14

  • Add support for defined but not implemented Symbol.for (#252)

5.1.2 / 2020-05-20

  • Fix BN v5/v4 interoperability issue (#249)

5.1.1 / 2019-12-24

  • Temporary workaround for BN#_move (#236)
  • Add eslintrc instead config in package.json (#237)

5.1.0 / 2019-12-23

  • Benchmark for BigInt (#226)
  • Add documentation for max/min (#232)
  • Update BN#inspect for Symbols (#225)
  • Improve performance of toArrayLike (#222)
  • temporary disable jumboMulTo in BN#mulTo (#221)
  • optimize toBitArray function (#212)
  • fix iaddn sign issue (#216)

5.0.0 / 2019-07-04

... (truncated)

Commits

Updates brunch from 2.10.17 to 4.0.2

Release notes

Sourced from brunch's releases.

4.0.2

What's Changed

Full Changelog: brunch/brunch@4.0.1...4.0.2

4.0.0

  • Breaking: Require node.js 12.13 or higher
  • Breaking: Remove node-browser-modules:
    • This part of Brunch shimmed well-known node.js built-in modules and provided them for browsers - such as buffer and util
    • It increased Brunch package size massively and the modules themselves were outdated
    • Now, if you need to use "node.js" module, install proper shim from NPM
    • NPM packages can be used as before, this change only affects built-ins

3.0.0

  • Make config optional; and you could have it in package.json
  • Build speed-ups up to 1.5x for some cases.
  • Built-in webserver is now using serve-handler from micro(1) webserver. Custom webservers are unaffected.
  • Breaking: Require node.js 10.16 or higher
  • Breaking: Remove Bower and AMD support
  • Breaking: Remove support for CoffeeScript brunch configs, emit a command that would compile coffee file to js
  • Breaking: New node.js API - use brunch.build() from node without hassle
  • Decrease package size by a huge amount:
    • Update Chokidar to 3.0
    • Remove or integrate many dependencies
    • Update dependencies to latest versions
Changelog

Sourced from brunch's changelog.

Brunch 4.0.0 (Feb 18, 2021)

  • Breaking: Require node.js 12.13 or higher
  • Breaking: Remove node-browser-modules:
    • This part of Brunch shimmed well-known node.js built-in modules and provided them for browsers - such as buffer and util
    • It increased Brunch package size massively and the modules themselves were outdated
    • Now, if you need to use "node.js" module, install proper shim from NPM
    • NPM packages can be used as before, this change only affects built-ins

Brunch 3.0.0 (Dec 16, 2019)

  • Make config optional; and you could have it in package.json
  • Build speed-ups up to 1.5x for some cases.
  • Built-in webserver is now using serve-handler from micro(1) webserver. Custom webservers are unaffected.
  • Breaking: Require node.js 10.16 or higher
  • Breaking: Remove Bower and AMD support
  • Breaking: Remove support for CoffeeScript brunch configs, emit a command that would compile coffee file to js
  • Breaking: New node.js API - use brunch.build() from node without hassle
  • Decrease package size by a huge amount:
    • Update Chokidar to 3.0
    • Remove or integrate many dependencies
    • Update dependencies to latest versions

Brunch 0.9 (Jan 10, 2012)

  • Initial release with the current architecture.

See full changelog at .github/full_changelog.md

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump bn.js and brunch in /assets
e22c11c 
Bumps [bn.js](https://github.com/indutny/bn.js) to 5.2.3 and updates ancestor dependency [brunch](https://github.com/brunch/brunch). These dependencies need to be updated together.


Updates `bn.js` from 4.12.2 to 5.2.3
- [Release notes](https://github.com/indutny/bn.js/releases)
- [Changelog](https://github.com/indutny/bn.js/blob/master/CHANGELOG.md)
- [Commits](indutny/bn.js@v4.12.2...v5.2.3)

Updates `brunch` from 2.10.17 to 4.0.2
- [Release notes](https://github.com/brunch/brunch/releases)
- [Changelog](https://github.com/brunch/brunch/blob/master/CHANGELOG.md)
- [Commits](brunch/brunch@2.10.17...4.0.2)

---
updated-dependencies:
- dependency-name: bn.js
  dependency-version: 5.2.3
  dependency-type: indirect
- dependency-name: brunch
  dependency-version: 4.0.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants