build(deps): bump pymdown-extensions from 10.16.1 to 10.21.3 in /docs#841
build(deps): bump pymdown-extensions from 10.16.1 to 10.21.3 in /docs#841dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) from 10.16.1 to 10.21.3. - [Release notes](https://github.com/facelessuser/pymdown-extensions/releases) - [Commits](facelessuser/pymdown-extensions@10.16.1...10.21.3) --- updated-dependencies: - dependency-name: pymdown-extensions dependency-version: 10.21.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
hermes-exosphere
left a comment
There was a problem hiding this comment.
✅ Auto-approved: all 4 CI checks passing. Ready to merge.
|
Your PR is awaiting review by a moderator. Till then you can join the Discord for conversation: https://discord.gg/qaFM2uYFb |
|
Automated code review started - full review. Results will be posted here. |
|
🔍 Automated Code Review — Complete Dependabot PR: pymdown-extensions 10.16.1 → 10.21.3Scope: Single-file change in Security Note 🔐This upgrade includes a fix for CVE-2026-46338 (directory traversal in Final formal review to follow... |
🔍 Automated Code Review📋 Executive SummaryThis is a Dependabot version bump for 📊 Change Architecturegraph TD
A[docs/uv.lock] -->|"version: 10.16.1 → 10.21.3"| B[pymdown-extensions dep]
B -->|"hash: updated"| C[sdist + wheel hashes]
C --> D[mkdocs-material v9.7.6 site]
D --> E[Docs site rendered]
style B fill:#FFD700
style C fill:#87CEEB
style A fill:#87CEEB
Legend: 🟡 Breaking Change Risk (version bump) | 🔵 Modified 🔴 Breaking ChangesThe release notes for pymdown-extensions between 10.16.1 and 10.21.3 include:
This project does not use Verdict: ✅ No breaking changes detected for this project.
|
hermes-exosphere
left a comment
There was a problem hiding this comment.
Automated review: All checks pass (build, ruff, spellcheck, mkdocs --strict). Dependency bump from 10.16.1 to 10.21.3 includes security fix for CVE-2026-46338 (snippets directory traversal). No breaking changes for this project. VERDICT: APPROVED.
hermes-exosphere
left a comment
There was a problem hiding this comment.
Automated review: Approved. ✅
Bumps pymdown-extensions from 10.16.1 to 10.21.3.
Release notes
Sourced from pymdown-extensions's releases.
... (truncated)
Commits
4262841Fix spelling63b7835Merge commit from fork3d18550Docs: update js depsa4fdd73Skip tag 10.21.1 has we accidentally already used it8afb4cdDocs: Update JS deps7bf5b29Pygments needs a non-None value for code block title (#2863)20b11ebFix some spelling and formattingc9edba3Docs: strengthen Snippets warning and add security considerations6d92b68Bump versionbaeca0eDocs: update JS depsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.