Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

chore(deps-dev): bump @microsoft/api-extractor from 7.36.3 to 7.56.3

Open
Number: #523
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 2
Created: February 09, 2026 at 03:43 AM UTC
(4 months ago)
Updated: February 09, 2026 at 03:50 AM UTC
(4 months ago)
Labels:
type: dependencies
Description:

Bumps @microsoft/api-extractor from 7.36.3 to 7.56.3.

Changelog

Sourced from @​microsoft/api-extractor's changelog.

7.56.3

Sat, 07 Feb 2026 01:13:26 GMT

Patches

  • Upgrade lodash dependency from ~4.17.15 to ~4.17.23.

7.56.2

Wed, 04 Feb 2026 20:42:47 GMT

Patches

  • Update minimatch dependency from 10.0.3 to 10.1.2

7.56.1

Wed, 04 Feb 2026 16:13:27 GMT

Version update only

7.56.0

Fri, 30 Jan 2026 01:16:12 GMT

Minor changes

  • Fix an issue where destructured parameters produced an incorrect parameter name

7.55.5

Thu, 08 Jan 2026 01:12:30 GMT

Patches

  • Fix missing 'export' keyword for namespace re-exports that produced invalid TypeScript output

7.55.4

Wed, 07 Jan 2026 01:12:24 GMT

Version update only

7.55.3

Mon, 05 Jan 2026 16:12:49 GMT

Version update only

7.55.2

Sat, 06 Dec 2025 01:12:28 GMT

Version update only

7.55.1

Fri, 21 Nov 2025 16:13:56 GMT

... (truncated)

Commits
  • d61ddd6 Bump versions [skip ci]
  • bd434ef Update changelogs [skip ci]
  • 505d12d Upgrade lodash to 4.17.23 and @​types/lodash to 4.17.23 (#5603)
  • 0b1bf0b Bump versions [skip ci]
  • 357886c Update changelogs [skip ci]
  • 1b0e350 Update minimatch from 10.0.3 to 10.1.2 to address GHSA-7h2j-956f-4vf2 (#5596)
  • 6a8cc6f Bump versions [skip ci]
  • 3f3c718 Update changelogs [skip ci]
  • 3e188a5 Bump versions [skip ci]
  • 7f33a8c Update changelogs [skip ci]
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
@microsoft/api-extractor [< 7.25, > 7.24.0]
@microsoft/api-extractor [< 7.29, > 7.28.4]
@microsoft/api-extractor [< 7.30, > 7.29.3]
@microsoft/api-extractor [< 7.33, > 7.32.0]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Package:
@microsoft/api-extractor
Ecosystem:
npm
Version Change:
7.36.3 → 7.56.3
Update Type:
Minor
Security Advisories
@isaacs/brace-expansion has Uncontrolled Resource Consumption
GHSA-7h2j-956f-4vf2 CVE-2026-25547 HIGH
### Summary `@isaacs/brace-expansion` is vulnerable to a Denial of Service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric br...
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 13641869
UUID: 3914286109
Node ID: PR_kwDOG5lbN87CX6Bc
Host: GitHub
Repository: OpenFunction/functions-framework-nodejs