[PR #60] Bump immutable from 5.0.3 to 5.1.5 #73

New issue

Open

opened 2026-03-15 16:15:56 +03:00 by kerem · 0 comments

kerem commented 2026-03-15 16:15:56 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/francoborrelli/spotify-react-web-client/pull/60
Author: @dependabot[bot]
Created: 3/4/2026
Status: 🔄 Open

Base: main ← Head: dependabot/npm_and_yarn/immutable-5.1.5

---

📝 Commits (1)

• 0cbf493 Bump immutable from 5.0.3 to 5.1.5

📊 Changes

1 file changed (+3 additions, -3 deletions)

View changed files

📝 yarn.lock (+3 -3)

📄 Description

Bumps immutable from 5.0.3 to 5.1.5.

Release notes

Sourced from immutable's releases.

v5.1.5

What's Changed

• Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable
• Upgrade devtools and use immutable version by @​jdeniau in immutable-js/immutable-js#2158

Full Changelog: https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5

v5.1.4

What's Changed

• Migrate some files to TS by @​jdeniau in immutable-js/immutable-js#2125
  • Iterator.ts
  • PairSorting.ts
  • toJS.ts
  • Math.ts
  • Hash.ts
• Extract CollectionHelperMethods and convert to TS by @​jdeniau in immutable-js/immutable-js#2131
• Use npm trusted publishing only to avoid token stealing.

Documentation

• Fix/a11y issues by @​lyannel in immutable-js/immutable-js#2136
• Doc add Map.get signature update by @​borracciaBlu in immutable-js/immutable-js#2138
• fix(doc):minor-issues#2132 by @​JayMeDotDot in immutable-js/immutable-js#2133
• Fix algolia search by @​jdeniau in immutable-js/immutable-js#2135
• Typo in OrderedMap by @​jdeniau in immutable-js/immutable-js#2144

Internal

• chore: Sort all imports and activate eslint import rule by @​jdeniau in immutable-js/immutable-js#2119

New Contributors

• @​JayMeDotDot made their first contribution in immutable-js/immutable-js#2133
• @​lyannel made their first contribution in immutable-js/immutable-js#2136
• @​borracciaBlu made their first contribution in immutable-js/immutable-js#2138

Full Changelog: https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4

v5.1.3

What's Changed

TypeScript

• fix: allow readonly map entry constructor by @​septs in immutable-js/immutable-js#2123

Documentation

There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples.

... (truncated)

Changelog

Sourced from immutable's changelog.

5.1.5

• Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable

5.1.4

• Migrate some files to TS by @​jdeniau in immutable-js/immutable-js#2125
  • Iterator.ts
  • PairSorting.ts
  • toJS.ts
  • Math.ts
  • Hash.ts
• Extract CollectionHelperMethods and convert to TS by @​jdeniau in immutable-js/immutable-js#2131
• Use npm trusted publishing only to avoid token stealing.

Documentation

• Fix/a11y issues by @​lyannel in immutable-js/immutable-js#2136
• Doc add Map.get signature update by @​borracciaBlu in immutable-js/immutable-js#2138
• fix(doc):minor-issues#2132 by @​JayMeDotDot in immutable-js/immutable-js#2133
• Fix algolia search by @​jdeniau in immutable-js/immutable-js#2135
• Typo in OrderedMap by @​jdeniau in immutable-js/immutable-js#2144

Internal

• chore: Sort all imports and activate eslint import rule by @​jdeniau in immutable-js/immutable-js#2119

5.1.3

TypeScript

• fix: allow readonly map entry constructor by @​septs in immutable-js/immutable-js#2123

Documentation

There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples. We added a page about browser extensions too: https://immutable-js.com/browser-extension/

Internal

• replace rimraf by a node script by @​jdeniau in immutable-js/immutable-js#2113
• remove warning for tseslint config by @​jdeniau in immutable-js/immutable-js#2114
• Use default tsconfig for tests by @​jdeniau in immutable-js/immutable-js#2055
• add tests for arrCopy by @​jdeniau in immutable-js/immutable-js#2120

5.1.2

• Revert previous assertion as it introduced a regression #2102 by @​giggo1604
• Merge should work with empty record #2103 by @​jdeniau

... (truncated)

Commits

• b37b855 5.1.5
• 16b3313 Merge commit from fork
• fd2ef49 fix new proto key injection
• 6734b7b fix Prototype Pollution in mergeDeep, toJS, etc.
• 6f772de Merge pull request #2175 from immutable-js/dependabot/npm_and_yarn/rollup-4.59.0
• 5f3dc61 Bump rollup from 4.34.8 to 4.59.0
• 049a594 Merge pull request #2173 from immutable-js/dependabot/npm_and_yarn/lodash-4.1...
• 2481a77 Merge pull request #2172 from mrazauskas/update-tstyche
• eb04779 Bump lodash from 4.17.21 to 4.17.23
• b973bf3 format
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/francoborrelli/spotify-react-web-client/pull/60 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 3/4/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/immutable-5.1.5` --- ### 📝 Commits (1) - [`0cbf493`](https://github.com/francoborrelli/spotify-react-web-client/commit/0cbf4935efaa868d6b839802d6e5901f22f2095c) Bump immutable from 5.0.3 to 5.1.5 ### 📊 Changes **1 file changed** (+3 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `yarn.lock` (+3 -3) </details> ### 📄 Description Bumps [immutable](https://github.com/immutable-js/immutable-js) from 5.0.3 to 5.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/immutable-js/immutable-js/releases">immutable's releases</a>.</em></p> <blockquote> <h2>v5.1.5</h2> <h2>What's Changed</h2> <ul> <li>Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable</li> <li>Upgrade devtools and use immutable version by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2158">immutable-js/immutable-js#2158</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5">https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5</a></p> <h2>v5.1.4</h2> <h2>What's Changed</h2> <ul> <li>Migrate some files to TS by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2125">immutable-js/immutable-js#2125</a> <ul> <li>Iterator.ts</li> <li>PairSorting.ts</li> <li>toJS.ts</li> <li>Math.ts</li> <li>Hash.ts</li> </ul> </li> <li>Extract CollectionHelperMethods and convert to TS by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2131">immutable-js/immutable-js#2131</a></li> <li>Use npm <a href="https://docs.npmjs.com/trusted-publishers">trusted publishing only</a> to avoid token stealing.</li> </ul> <h3>Documentation</h3> <ul> <li>Fix/a11y issues by <a href="https://github.com/lyannel"><code>@​lyannel</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2136">immutable-js/immutable-js#2136</a></li> <li>Doc add Map.get signature update by <a href="https://github.com/borracciaBlu"><code>@​borracciaBlu</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2138">immutable-js/immutable-js#2138</a></li> <li>fix(doc):minor-issues#2132 by <a href="https://github.com/JayMeDotDot"><code>@​JayMeDotDot</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2133">immutable-js/immutable-js#2133</a></li> <li>Fix algolia search by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2135">immutable-js/immutable-js#2135</a></li> <li>Typo in OrderedMap by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2144">immutable-js/immutable-js#2144</a></li> </ul> <h3>Internal</h3> <ul> <li>chore: Sort all imports and activate eslint import rule by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2119">immutable-js/immutable-js#2119</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/JayMeDotDot"><code>@​JayMeDotDot</code></a> made their first contribution in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2133">immutable-js/immutable-js#2133</a></li> <li><a href="https://github.com/lyannel"><code>@​lyannel</code></a> made their first contribution in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2136">immutable-js/immutable-js#2136</a></li> <li><a href="https://github.com/borracciaBlu"><code>@​borracciaBlu</code></a> made their first contribution in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2138">immutable-js/immutable-js#2138</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4">https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4</a></p> <h2>v5.1.3</h2> <h2>What's Changed</h2> <h3>TypeScript</h3> <ul> <li>fix: allow readonly map entry constructor by <a href="https://github.com/septs"><code>@​septs</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2123">immutable-js/immutable-js#2123</a></li> </ul> <h3>Documentation</h3> <p>There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md">immutable's changelog</a>.</em></p> <blockquote> <h2>5.1.5</h2> <ul> <li>Fix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable</li> </ul> <h2>5.1.4</h2> <ul> <li>Migrate some files to TS by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2125">immutable-js/immutable-js#2125</a> <ul> <li>Iterator.ts</li> <li>PairSorting.ts</li> <li>toJS.ts</li> <li>Math.ts</li> <li>Hash.ts</li> </ul> </li> <li>Extract CollectionHelperMethods and convert to TS by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2131">immutable-js/immutable-js#2131</a></li> <li>Use npm <a href="https://docs.npmjs.com/trusted-publishers">trusted publishing only</a> to avoid token stealing.</li> </ul> <h3>Documentation</h3> <ul> <li>Fix/a11y issues by <a href="https://github.com/lyannel"><code>@​lyannel</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2136">immutable-js/immutable-js#2136</a></li> <li>Doc add Map.get signature update by <a href="https://github.com/borracciaBlu"><code>@​borracciaBlu</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2138">immutable-js/immutable-js#2138</a></li> <li>fix(doc):minor-issues#2132 by <a href="https://github.com/JayMeDotDot"><code>@​JayMeDotDot</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2133">immutable-js/immutable-js#2133</a></li> <li>Fix algolia search by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2135">immutable-js/immutable-js#2135</a></li> <li>Typo in OrderedMap by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2144">immutable-js/immutable-js#2144</a></li> </ul> <h3>Internal</h3> <ul> <li>chore: Sort all imports and activate eslint import rule by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2119">immutable-js/immutable-js#2119</a></li> </ul> <h2>5.1.3</h2> <h3>TypeScript</h3> <ul> <li>fix: allow readonly map entry constructor by <a href="https://github.com/septs"><code>@​septs</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2123">immutable-js/immutable-js#2123</a></li> </ul> <h3>Documentation</h3> <p>There has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown. The playground has been included on nearly all method examples. We added a page about browser extensions too: <a href="https://immutable-js.com/browser-extension/">https://immutable-js.com/browser-extension/</a></p> <h3>Internal</h3> <ul> <li>replace rimraf by a node script by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2113">immutable-js/immutable-js#2113</a></li> <li>remove warning for tseslint config by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2114">immutable-js/immutable-js#2114</a></li> <li>Use default tsconfig for tests by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2055">immutable-js/immutable-js#2055</a></li> <li>add tests for arrCopy by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a> in <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2120">immutable-js/immutable-js#2120</a></li> </ul> <h2>5.1.2</h2> <ul> <li>Revert previous assertion as it introduced a regression <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2102">#2102</a> by <a href="https://github.com/giggo1604"><code>@​giggo1604</code></a></li> <li>Merge should work with empty record <a href="https://redirect.github.com/immutable-js/immutable-js/pull/2103">#2103</a> by <a href="https://github.com/jdeniau"><code>@​jdeniau</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/immutable-js/immutable-js/commit/b37b85568632227751ddc8a16034cacc0f42b652"><code>b37b855</code></a> 5.1.5</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/16b3313fdf2c5f579f10799e22869f6909abf945"><code>16b3313</code></a> Merge commit from fork</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/fd2ef4977ee654c5bf26368dbf2f983c8d679bd6"><code>fd2ef49</code></a> fix new proto key injection</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/6734b7b2af7e9dadf517eb9473cc64d2dfe2e301"><code>6734b7b</code></a> fix Prototype Pollution in mergeDeep, toJS, etc.</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/6f772de1e44dcde14128e48d19081a7a077f2162"><code>6f772de</code></a> Merge pull request <a href="https://redirect.github.com/immutable-js/immutable-js/issues/2175">#2175</a> from immutable-js/dependabot/npm_and_yarn/rollup-4.59.0</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/5f3dc61fd0e231654f04a850b8764e7e864c54b3"><code>5f3dc61</code></a> Bump rollup from 4.34.8 to 4.59.0</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/049a594410962c13dfd0f2d0bf0ef2154271079e"><code>049a594</code></a> Merge pull request <a href="https://redirect.github.com/immutable-js/immutable-js/issues/2173">#2173</a> from immutable-js/dependabot/npm_and_yarn/lodash-4.1...</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/2481a77331122eea4ace8afd4842042c6ae7510c"><code>2481a77</code></a> Merge pull request <a href="https://redirect.github.com/immutable-js/immutable-js/issues/2172">#2172</a> from mrazauskas/update-tstyche</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/eb047790b44dac8e5ace49529a5c9928edfc8e12"><code>eb04779</code></a> Bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/immutable-js/immutable-js/commit/b973bf3b6242c9966143169825e1e14248c07c31"><code>b973bf3</code></a> format</li> <li>Additional commits viewable in <a href="https://github.com/immutable-js/immutable-js/compare/v5.0.3...v5.1.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for immutable since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/francoborrelli/spotify-react-web-client/network/alerts). </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem added the

pull-request

label 2026-03-15 16:15:56 +03:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/npm_and_yarn/follow-redirects-1.16.0

dependabot/npm_and_yarn/axios-1.15.0

main-2018

develop

master

1.0.1

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/spotify-react-web-client#73

No description provided.