Bump @nevware21/ts-utils from 0.13.0 to 0.14.0 in /Extension by dependabot[bot] · Pull Request #14469 · microsoft/vscode-cpptools

dependabot · 2026-05-21T22:08:49Z

Bumps @nevware21/ts-utils from 0.13.0 to 0.14.0.

Release notes

Sourced from @nevware21/ts-utils's releases.

0.14.0

Changelog

Features

#525 feat(array): add new array helpers and array-like detection

New helpers: isArrayLike, arrUnique, arrCompact, arrFlatten, arrGroupBy, arrChunk and export previously missed isArrayLike

#527 feat(string): add strReplace and strReplaceAll helpers with refactored internal replacements

#528 feat(string): add strCapitalizeWords helper

#529 / #530 feat(string): add strTruncate, strCount, strAt, and strMatchAll helpers with shared literal regex helper

#533 feat(array): add arrFlatMap with ES5 polyfill support

#535 docs(types): add typing utilities for v0.14.0 and expand TSDoc examples

#536 feat: add isAsyncIterable and isIntegerInRange type/value inspection helpers

#543 feat(string): add strStartsWithAny, strEndsWithAny, strWrap, strUnwrap, and strNormalizeNewlines helpers

#564 feat(object): add new object utility helpers and harden defaults against prototype pollution

New helpers: objPick, objOmit, objPickBy, objOmitBy — property selection and omission with typed overloads

New helpers: objMapValues — create a new object with values transformed by a mapper function

New helpers: objMergeIf, objDefaults — conditional merge and shallow defaults (similar to Lodash _.defaults) hardened against prototype pollution

New helper: objDiff — shallow diff returning only changed/added keys from a modified object vs a base

New helpers: forEachOwnKey, forEachOwnKeySafe — iteration over both string and symbol keys (existing forEachOwnKeySafe was string-only)

New helper: objForEachKeySafe — safe string-key iteration that filters __proto__, constructor, prototype

Extended isUnsafeTarget coverage to TypedArrays, ArrayBuffer, DataView, WeakRef, FinalizationRegistry

Security Issue

CVE-2026-46681 Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty

Also affected setValueByKey and setValueByIter

#565 feat: add prototype-pollution guards and array key helpers

Bug Fixes

#558 Fix ES2015 built-in type errors in consumers by adding lib reference directive to published declarations

Consumers using "lib": ["ES5", "DOM"] (or omitting lib) received Cannot find name 'Symbol' / Cannot find name 'Iterator' errors because the published .d.ts exposed ES2015 types without declaring the dependency

Added /// <reference lib="es2015" /> to the source entry points (index.ts, polyfills.ts) and a new post-processing script (lib/scripts/setTsReferences.js) that prepends the directive to the api-extractor bundled output (api-extractor strips these directives from its rollup)

Added "lib": ["ES2015", "DOM"] to all library and test tsconfig files for consistent compile-time validation

Net effect: consumers no longer need to add "ES2015" to their own tsconfig.json lib settings

#561 Bug: Falsy thisArg (0, '', false) overridden in arrForEach/iterForOf/objForEachKey

#566 Fix falsy thisArg (0, '', false) being overridden in arrForEach, iterForOf, objForEachKey

#562 Fix thisArg binding in polyArrFindIndex / polyArrFindLastIndex polyfills

Repository Improvements

#549 Drop Node.js 16 from CI matrix and add Node.js 24

#552 Upgrade Grunt devDependency to v1.6.2

#554 Add funding metadata to published package manifests

#556 Add release PR instructions to Copilot instructions

Full Changelog

Changelog

Sourced from @nevware21/ts-utils's changelog.

v0.14.0 May 18th, 2026

Changelog

Features

#525 feat(array): add new array helpers and array-like detection

New helpers: isArrayLike, arrSlice, and other array utility improvements

#527 feat(string): add strReplace and strReplaceAll helpers with refactored internal replacements

#528 feat(string): add strCapitalizeWords helper

#529 / #530 feat(string): add strTruncate, strCount, strAt, and strMatchAll helpers with shared literal regex helper

#533 feat(array): add arrFlatMap with ES5 polyfill support

#535 docs(types): add typing utilities for v0.14.0 and expand TSDoc examples

#536 feat: add isAsyncIterable and isIntegerInRange type/value inspection helpers

#543 feat(string): add strStartsWithAny, strEndsWithAny, strWrap, strUnwrap, and strNormalizeNewlines helpers

#564 feat(object): add new object utility helpers and harden defaults against prototype pollution

New helpers: objPick, objOmit, objPickBy, objOmitBy — property selection and omission with typed overloads

New helpers: objMapValues — create a new object with values transformed by a mapper function

New helpers: objMergeIf, objDefaults — conditional merge and shallow defaults (similar to Lodash _.defaults) hardened against prototype pollution

New helper: objDiff — shallow diff returning only changed/added keys from a modified object vs a base

New helpers: forEachOwnKey, forEachOwnKeySafe — iteration over both string and symbol keys (existing forEachOwnKeySafe was string-only)

New helper: objForEachKeySafe — safe string-key iteration that filters __proto__, constructor, prototype

Extended isUnsafeTarget coverage to TypedArrays, ArrayBuffer, DataView, WeakRef, FinalizationRegistry

Security Issue

CVE-2026-46681 Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty

Also affected setValueByKey and setValueByIter

#565 feat: add prototype-pollution guards and array key helpers

Bug Fixes

#558 Fix ES2015 built-in type errors in consumers by adding lib reference directive to published declarations

Consumers using "lib": ["ES5", "DOM"] (or omitting lib) received Cannot find name 'Symbol' / Cannot find name 'Iterator' errors because the published .d.ts exposed ES2015 types without declaring the dependency

Added /// <reference lib="es2015" /> to the source entry points (index.ts, polyfills.ts) and a new post-processing script (lib/scripts/setTsReferences.js) that prepends the directive to the api-extractor bundled output (api-extractor strips these directives from its rollup)

Added "lib": ["ES2015", "DOM"] to all library and test tsconfig files for consistent compile-time validation

Net effect: consumers no longer need to add "ES2015" to their own tsconfig.json lib settings

#561 Bug: Falsy thisArg (0, '', false) overridden in arrForEach/iterForOf/objForEachKey

#566 Fix falsy thisArg (0, '', false) being overridden in arrForEach, iterForOf, objForEachKey

#562 Fix thisArg binding in polyArrFindIndex / polyArrFindLastIndex polyfills

Repository Improvements

#549 Drop Node.js 16 from CI matrix and add Node.js 24

#552 Upgrade Grunt devDependency to v1.6.2

#554 Add funding metadata to published package manifests

#556 Add release PR instructions to Copilot instructions

Dependency Updates

... (truncated)

Commits

45cb369 [Release] Increase version to 0.14.0 (#567)
5e887f4 Add new object utility helpers and harden defaults against prototype pollutio...
0a486d3 Bug: Falsy thisArg (0, '', false) overridden in arrForEach/iterForOf/objForEa...
9362b6e Bump puppeteer from 24.43.1 to 25.0.2 (#559)
d65f853 Fix thisArg binding in polyArrFindIndex / polyArrFindLastIndex polyfill...
26b4766 Add prototype-pollution guards and array key helpers (#565)
4d28559 Fix ES2015 built-in type errors in consumers by adding lib reference directiv...
da838a4 docs: add release PR instructions to copilot instructions (#556)
97d40a2 Add funding metadata to published package manifests (#554)
287f7c9 Upgrade Grunt devDependency to v1.6.2 (#552)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [@nevware21/ts-utils](https://github.com/nevware21/ts-utils) from 0.13.0 to 0.14.0. - [Release notes](https://github.com/nevware21/ts-utils/releases) - [Changelog](https://github.com/nevware21/ts-utils/blob/main/CHANGELOG.md) - [Commits](nevware21/ts-utils@0.13.0...0.14.0) --- updated-dependencies: - dependency-name: "@nevware21/ts-utils" dependency-version: 0.14.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

* Bump uuid from 8.3.2 to 14.0.0 in /.github/actions (#14402) Bumps [uuid](https://github.com/uuidjs/uuid) from 8.3.2 to 14.0.0. - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v8.3.2...v14.0.0) --- updated-dependencies: - dependency-name: uuid dependency-version: 14.0.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @xmldom/xmldom from 0.8.12 to 0.8.13 in /Extension (#14403) Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.12 to 0.8.13. - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](xmldom/xmldom@0.8.12...0.8.13) --- updated-dependencies: - dependency-name: "@xmldom/xmldom" dependency-version: 0.8.13 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean McManus <seanmcm@microsoft.com> * clang-analyazer (#14411) * Adding additional parse checking logic (#14407) Adding additional parse checking logic to determine if idle state has no pending calls and finished workspace parsing, file parsing, and intellisense updates. * Update changelog and version for 1.32.2. (#14415) * Add Native Strings (#14419) * address codeQL issues (#14425) * Database population unification (#14426) * Bump ip-address from 10.1.0 to 10.2.0 in /.github/actions (#14429) Bumps [ip-address](https://github.com/beaugunderson/ip-address) from 10.1.0 to 10.2.0. - [Commits](https://github.com/beaugunderson/ip-address/commits) --- updated-dependencies: - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump axios from 1.15.0 to 1.16.0 in /.github/actions (#14431) Bumps [axios](https://github.com/axios/axios) from 1.15.0 to 1.16.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.15.0...v1.16.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.16.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add telemetry for run without debugging (#14428) * Allow for scheduling CI on any branch on demand (#14433) * Bump fast-xml-builder from 1.1.4 to 1.1.9 in /.github/actions (#14436) Bumps [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) from 1.1.4 to 1.1.9. - [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-builder@v1.1.4...1.1.9) --- updated-dependencies: - dependency-name: fast-xml-builder dependency-version: 1.1.9 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fast-uri from 3.1.0 to 3.1.2 in /Themes (#14437) Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) --- updated-dependencies: - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fast-uri from 3.1.0 to 3.1.2 in /ExtensionPack (#14438) Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) --- updated-dependencies: - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean McManus <seanmcm@microsoft.com> * Bump fast-uri from 3.1.0 to 3.1.2 in /Extension (#14439) Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) --- updated-dependencies: - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update postcss. (#14444) * Update fast-xml-parser. (#14445) * add strings to localize (#14448) * cpptools-srv2 crash handler. (#14449) * cpptools-srv2 crash handler. * Bump uuid and @azure/identity in /ExtensionPack (#14468) Removes [uuid](https://github.com/uuidjs/uuid). It's no longer used after updating ancestor dependency [@azure/identity](https://github.com/Azure/azure-sdk-for-js). These dependencies need to be updated together. Removes `uuid` Updates `@azure/identity` from 4.13.0 to 4.13.1 - [Release notes](https://github.com/Azure/azure-sdk-for-js/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md) - [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/identity_4.13.0...@azure/identity_4.13.1) --- updated-dependencies: - dependency-name: uuid dependency-version: dependency-type: indirect - dependency-name: "@azure/identity" dependency-version: 4.13.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @nevware21/ts-utils from 0.13.0 to 0.14.0 in /Extension (#14469) Bumps [@nevware21/ts-utils](https://github.com/nevware21/ts-utils) from 0.13.0 to 0.14.0. - [Release notes](https://github.com/nevware21/ts-utils/releases) - [Changelog](https://github.com/nevware21/ts-utils/blob/main/CHANGELOG.md) - [Commits](nevware21/ts-utils@0.13.0...0.14.0) --- updated-dependencies: - dependency-name: "@nevware21/ts-utils" dependency-version: 0.14.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update localization (#14461) * Localization - Translated Strings --------- Co-authored-by: csigs <csigs@users.noreply.github.com> * Reset status UI if DB fails to open (#14475) * Add "important" doxygen.sectionTags. (#14473) * Add "important" to doxygen.sectionTags. * Add debuginfod launch option to cppdbg debugger schema (#14471) Add the `debuginfod` configuration option to both launch and attach configurations for the cppdbg debugger type. This exposes the MIEngine debuginfod settings (enabled/timeout) so users can control GDB's debuginfod behavior and prevent hangs when debuginfod servers are unreachable. * Bump uuid and @azure/identity in /Themes (#14476) Removes [uuid](https://github.com/uuidjs/uuid). It's no longer used after updating ancestor dependency [@azure/identity](https://github.com/Azure/azure-sdk-for-js). These dependencies need to be updated together. Removes `uuid` Updates `@azure/identity` from 4.13.0 to 4.13.1 - [Release notes](https://github.com/Azure/azure-sdk-for-js/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md) - [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/identity_4.13.0...@azure/identity_4.13.1) --- updated-dependencies: - dependency-name: uuid dependency-version: dependency-type: indirect - dependency-name: "@azure/identity" dependency-version: 4.13.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean McManus <seanmcm@microsoft.com> * Bump qs from 6.15.0 to 6.15.2 in /Themes (#14477) Bumps [qs](https://github.com/ljharb/qs) from 6.15.0 to 6.15.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean McManus <seanmcm@microsoft.com> * Update localization (#14484) * Localization - Translated Strings * Update localization. --------- Co-authored-by: csigs <csigs@users.noreply.github.com> * Bump tmp from 0.2.5 to 0.2.6 in /Extension (#14488) Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.6. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](raszi/node-tmp@v0.2.5...v0.2.6) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.6 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump qs from 6.15.0 to 6.15.2 in /Extension (#14489) Bumps [qs](https://github.com/ljharb/qs) from 6.15.0 to 6.15.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump qs from 6.15.0 to 6.15.2 in /ExtensionPack (#14490) Bumps [qs](https://github.com/ljharb/qs) from 6.15.0 to 6.15.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tmp from 0.2.5 to 0.2.7 in /ExtensionPack (#14492) Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](raszi/node-tmp@v0.2.5...v0.2.7) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tmp from 0.2.5 to 0.2.7 in /Themes (#14493) Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](raszi/node-tmp@v0.2.5...v0.2.7) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove compiler argument translation JSON files (#14467) * Update uuid and vsce. (#14495) * Update vsce. * Update uuid. * Update brace-expansion. (#14494) * Add a progress indicator with cancel for Switch Header/Source. (#14386) * Add a progress indicator with Cancel for Switch Header/Source. * Remove always-auth. (#13377) * Remove always-auth. * Update minimum VS Code version to 1.77 and vscode-languageclient to 9.0.1 (#14502) * Update minimum VS Code version to 1.77 since Windows 7 and 8 support was dropped. * Update vscode-languageclient. * Set debuginfod.enable to false (#14506) * Bump shell-quote from 1.8.2 to 1.8.4 in /Extension (#14507) Bumps [shell-quote](https://github.com/ljharb/shell-quote) from 1.8.2 to 1.8.4. - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.8.2...v1.8.4) --- updated-dependencies: - dependency-name: shell-quote dependency-version: 1.8.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tmp from 0.2.6 to 0.2.7 in /Extension (#14512) Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.6 to 0.2.7. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](raszi/node-tmp@v0.2.6...v0.2.7) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump js-yaml from 4.1.1 to 4.2.0 in /Extension (#14514) Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.2.0. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/commits) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 4.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump form-data from 4.0.5 to 4.0.6 in /Extension (#14513) Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to 4.0.6. - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.5...v4.0.6) --- updated-dependencies: - dependency-name: form-data dependency-version: 4.0.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean McManus <seanmcm@microsoft.com> * Minor IntelliSense loc changes. (#14518) * Add plugin-specific login and EULA messages (#14519) These messages will be used by the plugin mode of the standalone language server. * Bump markdown-it from 14.1.1 to 14.2.0 in /Extension (#14522) Bumps [markdown-it](https://github.com/markdown-it/markdown-it) from 14.1.1 to 14.2.0. - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md) - [Commits](markdown-it/markdown-it@14.1.1...14.2.0) --- updated-dependencies: - dependency-name: markdown-it dependency-version: 14.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump form-data from 4.0.5 to 4.0.6 in /Themes (#14527) Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to 4.0.6. - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.5...v4.0.6) --- updated-dependencies: - dependency-name: form-data dependency-version: 4.0.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump undici from 7.24.0 to 7.28.0 in /Themes (#14528) Bumps [undici](https://github.com/nodejs/undici) from 7.24.0 to 7.28.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v7.24.0...v7.28.0) --- updated-dependencies: - dependency-name: undici dependency-version: 7.28.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump js-yaml from 4.1.1 to 4.2.0 in /Themes (#14529) Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.2.0. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/commits) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 4.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump form-data from 4.0.5 to 4.0.6 in /ExtensionPack (#14530) Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to 4.0.6. - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.5...v4.0.6) --- updated-dependencies: - dependency-name: form-data dependency-version: 4.0.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * get OptionsSchema.json back in sync with package.json (#14523) * Cleanup from #13654 * Update OptionsSchema for #14108 * Update dependencies. (#14532) * Update github actions dependencies. (#14531) * Lock debuginfod strings. (#14520) * Allow suppression of run without debugging warnings (#14516) Added a property to disable the warning message generated when a launch config cannot be run directly in the terminal. * Update changelog and TPN for 1.33.0. (#14533) * Update changelog and TPN for 1.33.0. * Substitute `${env:X}` with an empty string for unset environment variables (#14535) * Expand undefined environment variables to empty * Use unique env var name Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Marked optional capturing groups as potentially undefined --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Update changelog again. (#14536) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sergio Ramirez II <sergioramirez3434@gmail.com> Co-authored-by: Glen Chung <105310954+kuchungmsft@users.noreply.github.com> Co-authored-by: Bob Brown <bobbrow@users.noreply.github.com> Co-authored-by: Colen Garoutte-Carson <49173979+Colengms@users.noreply.github.com> Co-authored-by: Luca <681992+lukka@users.noreply.github.com> Co-authored-by: csigs <csigs@users.noreply.github.com> Co-authored-by: Andrew Wang <waan@microsoft.com> Co-authored-by: Ben McMorran <bemcmorr@microsoft.com> Co-authored-by: notable-equivalent <193968300+notable-equivalent@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 21, 2026

dependabot Bot requested a review from a team as a code owner May 21, 2026 22:08

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 21, 2026

github-project-automation Bot added this to cpptools May 21, 2026

github-project-automation Bot moved this to Pull Request in cpptools May 21, 2026

sean-mcmanus approved these changes May 22, 2026

View reviewed changes

sean-mcmanus merged commit cf49a16 into main May 22, 2026
6 of 9 checks passed

sean-mcmanus deleted the dependabot/npm_and_yarn/Extension/nevware21/ts-utils-0.14.0 branch May 22, 2026 02:30

github-project-automation Bot moved this from Pull Request to Done in cpptools May 22, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump @nevware21/ts-utils from 0.13.0 to 0.14.0 in /Extension#14469

Bump @nevware21/ts-utils from 0.13.0 to 0.14.0 in /Extension#14469
sean-mcmanus merged 1 commit into
mainfrom
dependabot/npm_and_yarn/Extension/nevware21/ts-utils-0.14.0

dependabot Bot commented on behalf of github May 21, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 21, 2026

0.14.0

Changelog

Features

Security Issue

Bug Fixes

Repository Improvements

v0.14.0 May 18th, 2026

Changelog

Features

Security Issue

Bug Fixes

Repository Improvements

Dependency Updates

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant