From 7eba0d7773c1025ff62a5951d819f70e9d7778e3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 20 Nov 2025 19:32:20 +0000
Subject: [PATCH 1/2] Bump strip-bom from 3.0.0 to 5.0.0

Bumps [strip-bom](https://github.com/sindresorhus/strip-bom) from 3.0.0 to 5.0.0.
- [Release notes](https://github.com/sindresorhus/strip-bom/releases)
- [Commits](https://github.com/sindresorhus/strip-bom/compare/v3.0.0...v5.0.0)

---
updated-dependencies:
- dependency-name: strip-bom
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 13 ++++++++-----
 package.json      |  2 +-
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b3c1c0953..4237b9c2d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,7 @@
         "get-stream": "^6.0.1",
         "lodash": "^4.17.21",
         "sax": "^1.4.1",
-        "strip-bom": "^3.0.0",
+        "strip-bom": "^5.0.0",
         "whatwg-mimetype": "4.0.0",
         "xml-crypto": "^6.1.2"
       },
@@ -7171,12 +7171,15 @@
       }
     },
     "node_modules/strip-bom": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz",
-      "integrity": "sha512-vavAMRXOgBVNF6nyEEmL3DBK19iRpDcoIwW+swQ+CbGiu7lju6t+JklA1MHweoWtadgt4ISVUsXLyDq34ddcwA==",
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-5.0.0.tgz",
+      "integrity": "sha512-p+byADHF7SzEcVnLvc/r3uognM1hUhObuHXxJcgLCfD194XAkaLbjq3Wzb0N5G2tgIjH0dgT708Z51QxMeu60A==",
       "license": "MIT",
       "engines": {
-        "node": ">=4"
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
       }
     },
     "node_modules/strip-json-comments": {
diff --git a/package.json b/package.json
index 3ef687774..7ea89a5be 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
     "get-stream": "^6.0.1",
     "lodash": "^4.17.21",
     "sax": "^1.4.1",
-    "strip-bom": "^3.0.0",
+    "strip-bom": "^5.0.0",
     "whatwg-mimetype": "4.0.0",
     "xml-crypto": "^6.1.2"
   },

From 7fe52293bf04078577e980cc7dfa707c82083f71 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 20 Nov 2025 19:31:44 +0000
Subject: [PATCH 2/2] Bump get-stream from 6.0.1 to 9.0.1

Bumps [get-stream](https://github.com/sindresorhus/get-stream) from 6.0.1 to 9.0.1.
- [Release notes](https://github.com/sindresorhus/get-stream/releases)
- [Commits](https://github.com/sindresorhus/get-stream/compare/v6.0.1...v9.0.1)

---
updated-dependencies:
- dependency-name: get-stream
  dependency-version: 9.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 32 +++++++++++++++++++++++++++-----
 package.json      |  2 +-
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 4237b9c2d..a0cbc4c6a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,7 +13,7 @@
         "axios-ntlm": "^1.4.6",
         "debug": "^4.4.3",
         "formidable": "^3.5.4",
-        "get-stream": "^6.0.1",
+        "get-stream": "^9.0.1",
         "lodash": "^4.17.21",
         "sax": "^1.4.1",
         "strip-bom": "^5.0.0",
@@ -843,6 +843,12 @@
         "node": ">=14"
       }
     },
+    "node_modules/@sec-ant/readable-stream": {
+      "version": "0.4.1",
+      "resolved": "https://registry.npmjs.org/@sec-ant/readable-stream/-/readable-stream-0.4.1.tgz",
+      "integrity": "sha512-831qok9r2t8AlxLko40y2ebgSDhenenCatLVeW/uBtnHPyhHOvG0C7TvfgecV+wHzIm5KUICgzmVpWS+IMEAeg==",
+      "license": "MIT"
+    },
     "node_modules/@shikijs/engine-oniguruma": {
       "version": "3.13.0",
       "resolved": "https://registry.npmjs.org/@shikijs/engine-oniguruma/-/engine-oniguruma-3.13.0.tgz",
@@ -3394,12 +3400,28 @@
       }
     },
     "node_modules/get-stream": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz",
-      "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==",
+      "version": "9.0.1",
+      "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-9.0.1.tgz",
+      "integrity": "sha512-kVCxPF3vQM/N0B1PmoqVUqgHP+EeVjmZSQn+1oCRPxd2P21P2F19lIgbR3HBosbB1PUhOAoctJnfEn2GbN2eZA==",
       "license": "MIT",
+      "dependencies": {
+        "@sec-ant/readable-stream": "^0.4.1",
+        "is-stream": "^4.0.1"
+      },
       "engines": {
-        "node": ">=10"
+        "node": ">=18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/get-stream/node_modules/is-stream": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-4.0.1.tgz",
+      "integrity": "sha512-Dnz92NInDqYckGEUJv689RbRiTSEHCQ7wOVeALbkOz999YpqT46yMRIGtSNl2iCL1waAZSx40+h59NV/EwzV/A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
       },
       "funding": {
         "url": "https://github.com/sponsors/sindresorhus"
diff --git a/package.json b/package.json
index 7ea89a5be..81ba91e01 100644
--- a/package.json
+++ b/package.json
@@ -11,7 +11,7 @@
     "axios-ntlm": "^1.4.6",
     "debug": "^4.4.3",
     "formidable": "^3.5.4",
-    "get-stream": "^6.0.1",
+    "get-stream": "^9.0.1",
     "lodash": "^4.17.21",
     "sax": "^1.4.1",
     "strip-bom": "^5.0.0",