chore(deps): bump ua-parser-js from 0.7.32 to 0.7.41 by dependabot[bot] · Pull Request #2 · ecampuslearning/document-service

dependabot · 2025-10-17T17:35:39Z

Bumps ua-parser-js from 0.7.32 to 0.7.41.

Release notes

v0.7.41

Version 0.7.41 / 1.0.41

Add new browser: Daum, Ladybird

Add new device vendor: HMD

Add new engine: LibWeb

Add new os: Windows IoT, Ubuntu Touch

Improve cpu detection: ARM, x86

Improve device vendor detection: Apple, Archos, Generic, Google, Honor, Huawei, Infinix, Nvidia, Lenovo, Nokia, OnePlus, Xiaomi

Improve device type detection: smarttv, wearables

Improve os detection: Linux, Symbian

Full Changelog: faisalman/ua-parser-js@0.7.40...0.7.41

v0.7.38

Version 0.7.38

Fix error on getOS() when userAgentData.platform is undefined

Add new browser: Opera GX, Twitter

Improve browser detection: DuckDuckGo

Improve device detection: OPPO Pad, Oculus Quest

v0.7.37

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.41 / 1.0.41

Add new browser: Daum, Ladybird

Add new device vendor: HMD

Add new engine: LibWeb

Add new os: Windows IoT, Ubuntu Touch

Improve cpu detection: ARM, x86

Improve device vendor detection: Apple, Archos, Generic, Google, Honor, Huawei, Infinix, Nvidia, Lenovo, Nokia, OnePlus, Xiaomi

Improve device type detection: smarttv, wearables

Improve os detection: Linux, Symbian

Version 0.7.40 / 1.0.40

Add new browser: 115, LibreWolf, Slimboat, Slimjet

Add new device: Advan, Cat, Energizer, IMO, Micromax, Smartfren

Add new engine: ArkWeb, Servo

Add new os: OpenHarmony

Improve browser detection: 2345, 360, Dragon, Iron, Maxthon

Recognize Honor as a separate device vendor from Huawei

Fix Python Request mistakenly identified as Meta Quest

Version 0.7.39 / 1.0.39

Add new feature: executable command using npx ua-parser-js "[INSERT-UA-HERE]"

Add new browser: Helio, Pico Browser, Wolvic

Add new device vendor: itel, Nothing, TCL

Improve browser detection: ICEBrowser, Klar, QQBrowser, Quark, Rekonq, Sleipnir

Improve device detection: Xiaomi Pro, Amazon Echo Show, Samsung Galaxy Watch

Removed from browser: Viera

Version 0.7.38 / 1.0.38

Fix error on getOS() when userAgentData.platform is undefined

Add new browser: Opera GX, Twitter

Improve browser detection: DuckDuckGo

Improve device detection: OPPO Pad, Oculus Quest

Version 0.7.37 / 1.0.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

Add new browser: Snapchat

Add new devices: Infinix, Tecno

Improve device detection: Amazon Fire TV, Xiaomi POCO

Improve OS detection: iOS

Version 0.7.35 / 1.0.35

Fix result from user-supplied user-agent being altered

Add new browser: Heytap, TikTok

... (truncated)

Commits

af825ff Bump version 0.7.41
5925954 Backport - Improve detection for Nokia device & Symbian OS
fc668ef Backport - Improve device detection for Generic device: capture its device mo...
0543fb2 Backport - Improve CPU detection: ARM
98f1c00 Backport - Improve device detection for unidentified SmartTV vendors
d66c971 Backport - Improve detection for Nvidia devices
cbe6038 Backport - Add Daum app user agent (#773)
e665bd5 Backport - Add new OS: Ubuntu Touch
20c3040 Backport - Add new device: Apple HomePod
9057a1d Backport - Add new browser: Ladybird
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by faisalman, a new releaser for ua-parser-js since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.32 to 0.7.41. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.32...0.7.41) --- updated-dependencies: - dependency-name: ua-parser-js dependency-version: 0.7.41 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2025-10-17T17:36:39Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance
	react-error-overlay@6.0.11
	side-channel@1.0.4
	has-property-descriptors@1.0.0
	isarray@0.0.1
	safer-buffer@2.1.2
	define-properties@1.1.3 ⏵ 1.1.4			^-2
	path-parse@1.0.7
	has-symbols@1.0.1 ⏵ 1.0.3			⁺¹	⁺¹
	object.assign@4.1.2 ⏵ 4.1.4			⁺¹
	is-core-module@2.0.0 ⏵ 2.11.0	⁺¹		⁺²
	node-releases@1.1.65 ⏵ 2.0.6			^-28
	safe-buffer@5.1.2
	path-is-inside@1.0.2
	@types/parse-json@4.0.0
	get-own-enumerable-property-symbols@3.0.2
	@docsearch/css@3.3.0
	eta@1.12.3
	axios@0.18.1 ⏵ 0.25.0		⁺²⁰	⁺¹	⁺¹
	loader-utils@2.0.0 ⏵ 2.0.3		⁺³⁵	⁺¹
	@babel/plugin-transform-react-jsx-development@7.18.6
	is-regexp@1.0.0
	@algolia/logger-console@4.14.2
	detect-node@2.0.4 ⏵ 2.1.0			⁺³
	@algolia/logger-common@4.14.2
	@babel/plugin-syntax-private-property-in-object@7.14.5
	@algolia/cache-in-memory@4.14.2
	@algolia/requester-common@4.14.2
	@webassemblyjs/helper-api-error@1.9.0 ⏵ 1.11.1	⁺¹
	@babel/plugin-transform-dotall-regex@7.12.1 ⏵ 7.18.6				⁺¹
	@babel/plugin-transform-unicode-regex@7.12.1 ⏵ 7.18.6			⁺¹	⁺¹
	@webassemblyjs/ieee754@1.9.0 ⏵ 1.11.1	⁺¹
	@babel/plugin-syntax-class-static-block@7.14.5
See 618 more rows in the dashboard

View full report

socket-security · 2025-10-17T17:36:42Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		`safer-buffer@2.1.2` has Obfuscated code. Confidence: 0.94 Location: Package overview From: docuserve/code/frontend/yarn.lock → `npm/safer-buffer@2.1.2` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/safer-buffer@2.1.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Oct 17, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump ua-parser-js from 0.7.32 to 0.7.41#2

chore(deps): bump ua-parser-js from 0.7.32 to 0.7.41#2
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/ua-parser-js-0.7.41

dependabot bot commented on behalf of github Oct 17, 2025

Uh oh!

socket-security bot commented Oct 17, 2025

Uh oh!

socket-security bot commented Oct 17, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Oct 17, 2025

v0.7.41

Version 0.7.41 / 1.0.41

v0.7.38

Version 0.7.38

v0.7.37

Version 0.7.37

Version 0.7.41 / 1.0.41

Version 0.7.40 / 1.0.40

Version 0.7.39 / 1.0.39

Version 0.7.38 / 1.0.38

Version 0.7.37 / 1.0.37

Version 0.7.36 / 1.0.36

Version 0.7.35 / 1.0.35

Uh oh!

socket-security bot commented Oct 17, 2025

Uh oh!

socket-security bot commented Oct 17, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants