Skip to content

chore(deps-dev): bump svgo from 4.0.0 to 4.0.1#227

Merged
vknabel merged 1 commit intomainfrom
dependabot/bun/svgo-4.0.1
Mar 9, 2026
Merged

chore(deps-dev): bump svgo from 4.0.0 to 4.0.1#227
vknabel merged 1 commit intomainfrom
dependabot/bun/svgo-4.0.1

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps svgo from 4.0.0 to 4.0.1.

Release notes

Sourced from svgo's releases.

v4.0.1

What's Changed

Dependencies

  • Sets minimum version of sax (XML parser) to v1.5.0, which improves built-in guards against entity expansion.

Bug Fixes

Performance

Other Changes

  • Plugins no longer include if they are enabled or disabled by default, as this was written inconsistently. The --show-plugins argument appends the presets a plugin is in to the end of the line. By @​viralcodex in svg/svgo#2174
  • Plugin/preset types to enforce the name start with preset- if it is a preset (collection of plugins). By @​SethFalco in svg/svgo#2178

Metrics

Before and after of the browser bundle of each respective version:

v4.0.0 v4.0.1 Delta
svgo.browser.js 780.2 kB 781.5 kB ⬆️ 1.3 kB
Commits
  • e691f5f Merge commit from fork
  • b1d9f1a chore(deps): bump actions/upload-artifact from 6 to 7 (#2202)
  • d724af1 chore(deps): bump actions/checkout from 5 to 6 (#2195)
  • 4114b32 chore(deps): bump actions/upload-artifact from 4 to 6 (#2196)
  • c06d8f6 chore: upgrade js-yaml and glob (#2191)
  • 26e86e5 fix: remove unused <use> elements when deleting empty symbols (#2051)
  • 50c326b perf: optimiztions to reduce regression test runtime (#2135)
  • 1f33cbe ci: separate regression tests and write delta report (#2190)
  • 79a2167 ci: save test reports to artifacts (#2189)
  • 0ae52a0 chore(deps): bump actions/setup-node from 5 to 6 (#2187)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump svgo from 4.0.0 to 4.0.1
dea14de 
Bumps [svgo](https://github.com/svg/svgo) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/svg/svgo/releases)
- [Commits](svg/svgo@v4.0.0...v4.0.1)

---
updated-dependencies:
- dependency-name: svgo
  dependency-version: 4.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Updates dependencies of a code repository. javascript Pull requests that update javascript code patch Just bug fixes and chores, causes the release drafter to create a new patch version labels Mar 9, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 9, 2026 08:40
@dependabot dependabot bot added dependencies Updates dependencies of a code repository. patch Just bug fixes and chores, causes the release drafter to create a new patch version javascript Pull requests that update javascript code labels Mar 9, 2026
@metal-robot metal-robot bot added the area: documentation Affects the documentation area. label Mar 9, 2026
@metal-robot metal-robot bot added this to Development Mar 9, 2026
@netlify
Copy link

netlify bot commented Mar 9, 2026
edited
Loading

Deploy Preview for metal-stack-io ready!

Name Link
🔨 Latest commit dea14de
🔍 Latest deploy log https://app.netlify.com/projects/metal-stack-io/deploys/69ae8768e1a98700088557bd
😎 Deploy Preview https://deploy-preview-227--metal-stack-io.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@vknabel vknabel merged commit d44b400 into main Mar 9, 2026
5 checks passed
@dependabot dependabot bot deleted the dependabot/bun/svgo-4.0.1 branch March 9, 2026 09:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vknabel vknabel vknabel approved these changes

Assignees

No one assigned

Labels

area: documentation Affects the documentation area. dependencies Updates dependencies of a code repository. javascript Pull requests that update javascript code patch Just bug fixes and chores, causes the release drafter to create a new patch version

Projects

Development
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vknabel