Combined Dependabot PRs by github-actions[bot] · Pull Request #551 · NHSDigital/nhs-notify-supplier-api

github-actions · 2026-04-28T08:36:27Z

Combined Dependabot PRs

✅ The following pull requests have been successfully combined on this PR:

Closes Bump erb from 4.0.4 to 4.0.4.1 in /docs #550 Bump erb from 4.0.4 to 4.0.4.1 in /docs
Closes Bump python-dotenv from 1.2.1 to 1.2.2 in /tests/e2e-tests #545 Bump python-dotenv from 1.2.1 to 1.2.2 in /tests/e2e-tests
Closes Bump protobufjs from 7.5.4 to 7.5.5 #542 Bump protobufjs from 7.5.4 to 7.5.5
Closes Bump authlib from 1.6.9 to 1.6.11 in /tests/e2e-tests #541 Bump authlib from 1.6.9 to 1.6.11 in /tests/e2e-tests
Closes Bump dompurify from 3.3.2 to 3.4.0 #539 Bump dompurify from 3.3.2 to 3.4.0
Closes Bump NHSDigital/nhs-notify-shared-modules from 3.0.8 to 3.0.9 #538 Bump NHSDigital/nhs-notify-shared-modules from 3.0.8 to 3.0.9
Closes Bump cryptography from 46.0.5 to 46.0.7 in /tests/e2e-tests #525 Bump cryptography from 46.0.5 to 46.0.7 in /tests/e2e-tests
Closes Bump addressable from 2.8.7 to 2.9.0 in /docs #523 Bump addressable from 2.8.7 to 2.9.0 in /docs
Closes Bump actions/deploy-pages from 4.0.5 to 5.0.0 #521 Bump actions/deploy-pages from 4.0.5 to 5.0.0
Closes Bump pygments from 2.19.2 to 2.20.0 in /tests/e2e-tests #506 Bump pygments from 2.19.2 to 2.20.0 in /tests/e2e-tests
Closes Bump requests from 2.32.5 to 2.33.0 in /tests/e2e-tests #497 Bump requests from 2.32.5 to 2.33.0 in /tests/e2e-tests

⚠️ The following PRs were left out due to merge conflicts:

Bump follow-redirects from 1.15.11 to 1.16.0 #537 Bump follow-redirects from 1.15.11 to 1.16.0
Bump basic-ftp from 5.2.0 to 5.2.2 #531 Bump basic-ftp from 5.2.0 to 5.2.2
Bump @nestjs/core and @openapitools/openapi-generator-cli #526 Bump @nestjs/core and @openapitools/openapi-generator-cli
Bump actions/setup-node from 4.4.0 to 6.4.0 #520 Bump actions/setup-node from 4.4.0 to 6.4.0
Bump actions/cache from 4.3.0 to 5.0.5 #519 Bump actions/cache from 4.3.0 to 5.0.5
Bump actions/checkout from 5.0.0 to 6.0.2 #518 Bump actions/checkout from 5.0.0 to 6.0.2
Bump @aws-sdk/lib-dynamodb from 3.1008.0 to 3.1016.0 #513 Bump @aws-sdk/lib-dynamodb from 3.1008.0 to 3.1016.0
Bump typescript-eslint from 8.56.1 to 8.57.2 #512 Bump typescript-eslint from 8.56.1 to 8.57.2
Bump @aws-sdk/client-api-gateway from 3.1002.0 to 3.1016.0 #511 Bump @aws-sdk/client-api-gateway from 3.1002.0 to 3.1016.0
Bump @aws-sdk/client-sns from 3.1002.0 to 3.1016.0 #510 Bump @aws-sdk/client-sns from 3.1002.0 to 3.1016.0
Bump picomatch from 2.3.1 to 2.3.2 #499 Bump picomatch from 2.3.1 to 2.3.2
Bump handlebars from 4.7.8 to 4.7.9 #498 Bump handlebars from 4.7.8 to 4.7.9
Bump activesupport from 7.1.3.4 to 7.2.3.1 in /docs #483 Bump activesupport from 7.1.3.4 to 7.2.3.1 in /docs
Bump jest-environment-jsdom from 30.2.0 to 30.3.0 #467 Bump jest-environment-jsdom from 30.2.0 to 30.3.0

This PR was created by the github/combine-prs action

Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.33.0) --- updated-dependencies: - dependency-name: requests dependency-version: 2.33.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [pygments](https://github.com/pygments/pygments) from 2.19.2 to 2.20.0. - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.19.2...2.20.0) --- updated-dependencies: - dependency-name: pygments dependency-version: 2.20.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.8.7 to 2.9.0. - [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md) - [Commits](sporkmonger/addressable@addressable-2.8.7...addressable-2.9.0) --- updated-dependencies: - dependency-name: addressable dependency-version: 2.9.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.7. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.5...46.0.7) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.2 to 3.4.0. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](cure53/DOMPurify@3.3.2...3.4.0) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.4.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [authlib](https://github.com/authlib/authlib) from 1.6.9 to 1.6.11. - [Release notes](https://github.com/authlib/authlib/releases) - [Changelog](https://github.com/authlib/authlib/blob/v1.6.11/docs/changelog.rst) - [Commits](authlib/authlib@v1.6.9...v1.6.11) --- updated-dependencies: - dependency-name: authlib dependency-version: 1.6.11 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.5.4 to 7.5.5. - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5) --- updated-dependencies: - dependency-name: protobufjs dependency-version: 7.5.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [python-dotenv](https://github.com/theskumar/python-dotenv) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [erb](https://github.com/ruby/erb) from 4.0.4 to 4.0.4.1. - [Release notes](https://github.com/ruby/erb/releases) - [Changelog](https://github.com/ruby/erb/blob/master/NEWS.md) - [Commits](ruby/erb@v4.0.4...v4.0.4.1) --- updated-dependencies: - dependency-name: erb dependency-version: 4.0.4.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [NHSDigital/nhs-notify-shared-modules](https://github.com/nhsdigital/nhs-notify-shared-modules) from 3.0.8 to 3.0.9. - [Release notes](https://github.com/nhsdigital/nhs-notify-shared-modules/releases) - [Commits](NHSDigital/nhs-notify-shared-modules@3.0.8...3.0.9) --- updated-dependencies: - dependency-name: NHSDigital/nhs-notify-shared-modules dependency-version: 3.0.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages) from 4.0.5 to 5.0.0. - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@d6db901...cd2ce8f) --- updated-dependencies: - dependency-name: actions/deploy-pages dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

…botCombined

…mbined

…3.0.9 into dependabotCombined

…botCombined

…dabotCombined

…ombined

dependabot Bot and others added 22 commits March 26, 2026 18:21

Merge dependabot/bundler/docs/erb-4.0.4.1 into dependabotCombined

f1edc5a

Merge dependabot/pip/tests/e2e-tests/python-dotenv-1.2.2 into dependa…

a6b10f2

…botCombined

Merge dependabot/npm_and_yarn/protobufjs-7.5.5 into dependabotCombined

359750e

Merge dependabot/pip/tests/e2e-tests/authlib-1.6.11 into dependabotCo…

8484ebe

…mbined

Merge dependabot/npm_and_yarn/dompurify-3.4.0 into dependabotCombined

6275766

Merge dependabot/github_actions/NHSDigital/nhs-notify-shared-modules-…

1b7caca

…3.0.9 into dependabotCombined

Merge dependabot/pip/tests/e2e-tests/cryptography-46.0.7 into dependa…

69b38b4

…botCombined

Merge dependabot/bundler/docs/addressable-2.9.0 into dependabotCombined

16c4650

Merge dependabot/github_actions/actions/deploy-pages-5.0.0 into depen…

81fa9ed

…dabotCombined

Merge dependabot/pip/tests/e2e-tests/pygments-2.20.0 into dependabotC…

841017c

…ombined

Merge dependabot/pip/tests/e2e-tests/requests-2.33.0 into dependabotC…

1b0c623

…ombined

github-actions Bot requested review from a team as code owners April 28, 2026 08:36

github-actions Bot added the dependencies Pull requests that update a dependency file label Apr 28, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Combined Dependabot PRs#551

Combined Dependabot PRs#551
github-actions[bot] wants to merge 22 commits intomainfrom
dependabotCombined

github-actions Bot commented Apr 28, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

github-actions Bot commented Apr 28, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants