mend-for-github-com[bot]

fix(deps): update dependency @material/chips to v9.0.0 (master)

1

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | [Passing](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---|---| | [@material/chips](https://redirect.github.com/material-components/material-components-web) ([source](https://redirect.github.com/material-components/material-components-web/tree/HEAD/packages/mdc-chips)) | [`9.0.0-canary.1c156d69d.0` -> `9.0.0`](https://renovatebot.com/diffs/npm/@material%2fchips/9.0.0-canary.1c156d69d.0/9.0.0) |  |...

Vulnerable Library - minimatch-3.1.2.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json Found in HEAD commit: a8da7bb934622df14dcd8d6786e9469aca362ed0 ## Vulnerabilities | Vulnerability | Severity | CVSS | Exploit Maturity...

Vulnerable Library - compiler-11.2.7.tgz Angular - the compiler library Library home page: https://registry.npmjs.org/@angular/compiler/-/compiler-11.2.7.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/@angular/compiler/package.json ## Vulnerabilities | Vulnerability | Severity |...

Vulnerable Library - core-11.2.7.tgz Angular - the core framework Library home page: https://registry.npmjs.org/@angular/core/-/core-11.2.7.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/@angular/core/package.json ## Vulnerabilities | Vulnerability | Severity |...

Vulnerable Library - common-11.2.7.tgz Angular - commonly needed directives and services Library home page: https://registry.npmjs.org/@angular/common/-/common-11.2.7.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/@angular/common/package.json ## Vulnerabilities | Vulnerability |...

> **Note:** This PR body was truncated due to platform limits. This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | [Passing](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |...

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | [Passing](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---|---| | [vue](https://redirect.github.com/vuejs/core/tree/main/packages/vue#readme) ([source](https://redirect.github.com/vuejs/core)) | [`3.5.24` -> `3.5.26`](https://renovatebot.com/diffs/npm/vue/3.5.24/3.5.26) |  |...

_publish-flutter.yml - Ensure top-level permissions are not set to write-all

1

## _publish-flutter.yml - Ensure top-level permissions are not set to write-all Violation detected in /.github/workflows/_publish-flutter.yml:[0-1] :page_with_curl: File Type: github_actions :no_entry: Details - Ensure top-level permissions are not set to write-all

## CVE-2025-15284 - High Severity Vulnerability Vulnerable Library - qs-6.13.0.tgz Library home page: https://registry.npmjs.org/qs/-/qs-6.13.0.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: - @finos/fdc3-sail-web-0.0.0.tgz (Root Library)...

## CVE-2025-7783 - High Severity Vulnerability Vulnerable Library - form-data-4.0.2.tgz A library to create readable "multipart/form-data" streams. Can be used to submit forms and file uploads to other web applications....