From fb4490360d18c610df54b6837bb8dc5992574f53 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 27 Mar 2026 14:24:51 +0000
Subject: [PATCH 1/2] build(deps): bump brace-expansion

Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 5.0.3 to 5.0.5.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](https://github.com/juliangruber/brace-expansion/compare/v5.0.3...v5.0.5)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 5.0.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 libs/openant-core/parsers/javascript/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libs/openant-core/parsers/javascript/package-lock.json b/libs/openant-core/parsers/javascript/package-lock.json
index 8a6409e..c4fdcab 100644
--- a/libs/openant-core/parsers/javascript/package-lock.json
+++ b/libs/openant-core/parsers/javascript/package-lock.json
@@ -47,9 +47,9 @@
       }
     },
     "node_modules/brace-expansion": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
-      "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
+      "version": "5.0.5",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+      "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
       "license": "MIT",
       "dependencies": {
         "balanced-match": "^4.0.2"

From 4ac6848a8c8f358c5bf5398950d9b71578c076b1 Mon Sep 17 00:00:00 2001
From: ar7casper <alex.raihel@gmail.com>
Date: Thu, 14 May 2026 15:16:56 +0300
Subject: [PATCH 2/2] build(deps): bump brace-expansion to 5.0.6 in
 /libs/openant-core/parsers/javascript
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR opened by dependabot at 5.0.5; 5.0.6 (2026-05-08) adds another
security fix ("Merge commit from fork" — third such patch in 11 weeks
on this package). Bumps directly to latest stable.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 libs/openant-core/parsers/javascript/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libs/openant-core/parsers/javascript/package-lock.json b/libs/openant-core/parsers/javascript/package-lock.json
index c4fdcab..c5ca90b 100644
--- a/libs/openant-core/parsers/javascript/package-lock.json
+++ b/libs/openant-core/parsers/javascript/package-lock.json
@@ -47,9 +47,9 @@
       }
     },
     "node_modules/brace-expansion": {
-      "version": "5.0.5",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
-      "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
+      "version": "5.0.6",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz",
+      "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==",
       "license": "MIT",
       "dependencies": {
         "balanced-match": "^4.0.2"