From e65a85d8f874f72a9232f9f0cef5dcf4d8e8a158 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 14 Mar 2026 08:49:49 +0000
Subject: [PATCH] Bump flatted from 3.3.1 to 3.4.1 in
 /starters/nextjs/shopify-ecommerce

Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.1 to 3.4.1.
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.1)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 starters/nextjs/shopify-ecommerce/pnpm-lock.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/starters/nextjs/shopify-ecommerce/pnpm-lock.yaml b/starters/nextjs/shopify-ecommerce/pnpm-lock.yaml
index adc841670..bcf4a02d6 100644
--- a/starters/nextjs/shopify-ecommerce/pnpm-lock.yaml
+++ b/starters/nextjs/shopify-ecommerce/pnpm-lock.yaml
@@ -1341,11 +1341,12 @@ packages:
 
   glob@10.4.5:
     resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==}
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
     hasBin: true
 
   glob@7.2.3:
     resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
-    deprecated: Glob versions prior to v9 are no longer supported
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   globals@13.24.0:
     resolution: {integrity: sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ==}
@@ -1822,6 +1823,7 @@ packages:
   next@15.0.3:
     resolution: {integrity: sha512-ontCbCRKJUIoivAdGB34yCaOcPgYXr9AAkV/IwqFfWWTXEPUgLYkSkqBhIk9KK7gGmgjc64B+RdoeIDM13Irnw==}
     engines: {node: ^18.18.0 || ^19.8.0 || >= 20.0.0}
+    deprecated: This version has a security vulnerability. Please upgrade to a patched version. See https://nextjs.org/blog/CVE-2025-66478 for more details.
     hasBin: true
     peerDependencies:
       '@opentelemetry/api': ^1.1.0