chore(deps): bump valibot from 1.4.1 to 1.4.2 by dependabot[bot] · Pull Request #5382 · aws-powertools/powertools-lambda-typescript

dependabot · 2026-06-29T13:16:30Z

Bumps valibot from 1.4.1 to 1.4.2.

Release notes

v1.4.2

Many thanks to @Faze-up and @chatman-media for contributing to this release.

Fix word count actions to cache the Intl.Segmenter for non-primitive locales, preventing it from being recreated on every words, minWords, maxWords and notWords validation (pull request #1521)

Fix flatten method to handle issue path keys that collide with Object.prototype members like toString instead of throwing a TypeError (pull request #1522)

Fix intersect schema to merge object keys that collide with Object.prototype members like toString instead of failing to merge them (pull request #1522)

Commits

0dc26ea Bump library version to 1.4.2
1bd01c3 fix: handle keys that collide with Object.prototype in flatten and merge (#1522)
752c636 docs: clarify string length semantics (#1505)
a3beff9 fix: cache word-count segmenter for non-primitive locales (#1521)
1f9b183 Update FUNDING.yml in fabvor of Open Collective
2c63b2a Update logos of partners in README
09616b2 Add CodeRabbit as partner and remove Stainless
92bcf55 Add Cloudflare to privacy policy page
9bb6617 Add Cloudflare as a deploy target to our website (#1508)
c05bf95 Bump to-json-schema version to 1.7.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [valibot](https://github.com/open-circle/valibot) from 1.4.1 to 1.4.2. - [Release notes](https://github.com/open-circle/valibot/releases) - [Commits](open-circle/valibot@v1.4.1...v1.4.2) --- updated-dependencies: - dependency-name: valibot dependency-version: 1.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-06-29T13:17:02Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot Bot added dependencies Changes that touch dependencies, e.g. Dependabot, etc. javascript Pull requests that update Javascript code labels Jun 29, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump valibot from 1.4.1 to 1.4.2#5382

chore(deps): bump valibot from 1.4.1 to 1.4.2#5382
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/main/valibot-1.4.2

dependabot Bot commented on behalf of github Jun 29, 2026

Uh oh!

sonarqubecloud Bot commented Jun 29, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 29, 2026

v1.4.2

Uh oh!

sonarqubecloud Bot commented Jun 29, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants