Bump the npm_and_yarn group across 1 directory with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: file-type and pm2.

Updates file-type from 19.6.0 to 21.3.1

Release notes

Sourced from file-type's releases.

v21.3.1

• Fix infinite loop in ASF parser on malformed input (GHSA-5v7r-6r5c-r473) 319abf8

---

sindresorhus/file-type@v21.3.0...v21.3.1

v21.3.0

• Add support for Mach-O Universal (aka "Fat") binaries and additional architectures (#779) d223491

---

sindresorhus/file-type@v21.2.0...v21.3.0

v21.2.0

• Add support for SPSS data files (#787) 889f638
• Add support for JMP (#784) 093dba0

---

sindresorhus/file-type@v21.1.1...v21.2.0

v21.1.1

• Fix handling of partial Gunzip file (#783) 710e053

---

sindresorhus/file-type@v21.1.0...v21.1.1

v21.1.0

• Add support for .tar.gz (gunzipped tarball file) (#763) eda03a7
• Add support for Windows registry (.reg) files 0db61ec 7d2ddcf
• Add support for Windows registry hive file (.dat) (#767) f8d62be
• Fix: Handle partial unzip (#773) 7ad3a90

---

sindresorhus/file-type@v21.0.0...v21.1.0

v21.0.0

Breaking

• Require Node.js 20 24aec1f
• Drop Adobe Illustrator (.ai) detection support (#743) af169f3
• Correct Matroska (video) MIME-type to formal IANA registration (#753) f53f5ff
• Correct FLAC MIME-type to formal IANA registration (#755) b9fda36
• Correct Apache Parquet MIME-type to formal IANA registration (#748) 98e3f8e
• Correct Apache Arrow MIME-type to formal IANA registration (#754) 7184775

Improvements

... (truncated)

Commits

• ad5857e 21.3.1
• 5d2fedf Harden parser
• 319abf8 Fix infinite loop in ASF parser on malformed input
• 1ca9281 Mention @​file-type/cfbf plugin (#791)
• 2033ea7 21.3.0
• d223491 Add support for Mach-O Universal (aka "Fat") binaries and additional architec...
• 2ca86b3 Docs: Remove BYOB stream requirement warning (#790)
• 4d7393a List @file-type/pdf in available plugins (#788)
• 810e1d8 21.2.0
• 889f638 Add support for SPSS data files (#787)
• Additional commits viewable in compare view

Updates pm2 from 5.4.3 to 6.0.14

Release notes

Sourced from pm2's releases.

v6.0.14

6.0.14

• Fixed version of @​pm2/pm2-version-check #6055
• CVE-2025-64718 Update js-yaml
• replace fs.R_OK with fs.constants.T_OK #6012 #6019

v6.0.13

• fix blessed dep

v6.0.12

• #6037 Drop npm-shrinkwrap in favor of fixed dependencies versions
• #5577 fix pm2 monit crash

v6.0.11

• #6034 replace package-lock.json by npm-shrinkwrap.json
• #5915 fix allowing to update namespaced pm2 NPM module (@​org/module-name)

v6.0.10

• revert #5971 #6031

v6.0.9

6.0.9

• updates all typescript definitions
• upgrade github ci workflows
• upgrade mocha dep and adapt tests
• bump packages
• fix:Potential ReDoS Vulnerability or Inefficient Regular Expression in Project: Need for Assessment and Mitigation #5971

v6.0.8

• fix: package-lock update

v6.0.7

• fix: ansis-node10 Unitech/pm2@99d9224 @
  webdiscus

v6.0.6

• refactor: replace chalk with ansis by @​webdiscus fix #5976 #5247

v6.0.5

6.0.5

• Bun support - Fixes #5893 #5774 #5682 #5675 #5777
• Disable git parsing by default #5909 #2182 #5801 #5051 #5696
• Add WEBP content type for pm2 serve #5900 @​tbo47
• Enable PM2 module update from tarball #5906 @​AYOKINYA
• Fix treekil on FreeBSD #5896 @​skeyby
• fix allowing to update namespaced pm2 NPM module (@​org/module-name) #5915 @​endelendel

Changelog

Sourced from pm2's changelog.

6.0.14

• Fixed version of @​pm2/pm2-version-check #6055
• CVE-2025-64718 Update js-yaml
• replace fs.R_OK with fs.constants.T_OK #6012 #6019

6.0.13

• Fix blessed package import

6.0.12

• #6037 Drop npm-shrinkwrap in favor of fixed dependencies versions
• #5577 fix pm2 monit crash

6.0.11

• #6034 replace package-lock.json by npm-shrinkwrap.json
• #5915 fix allowing to update namespaced pm2 NPM module (@​org/module-name)

6.0.10

• revert #5971 #6031

6.0.9

• updates all typescript definitions
• upgrade github ci workflows
• upgrade mocha dep and adapt tests
• bump packages
• fix:Potential ReDoS Vulnerability or Inefficient Regular Expression in Project: Need for Assessment and Mitigation #5971

6.0.8

• fix: package-lock update

6.0.7

• fix: ansis-node10 Unitech/pm2@99d9224 @​webdiscus

6.0.6

• refactor: replace chalk with smaller alternative by @​webdiscus

6.0.5

• Bun support - Fixes #5893 #5774 #5682 #5675 #5777
• Disable git parsing by default #5909 #2182 #5801 #5051 #5696
• Add WEBP content type for pm2 serve #5900 @​tbo47
• Enable PM2 module update from tarball #5906 @​AYOKINYA

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.