Skip to content

chore(deps): bump mermaid from 11.15.0 to 11.16.0#94

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/mermaid-11.16.0
Open

chore(deps): bump mermaid from 11.15.0 to 11.16.0#94
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/mermaid-11.16.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps mermaid from 11.15.0 to 11.16.0.

Release notes

Sourced from mermaid's releases.

mermaid@11.16.0

Minor Changes

  • #7535 ea1c48f Thanks @​ragelink! - feat(cynefin): Adds the Cynefin framework as a new diagram type (beta) to Mermaid (available as cynefin-beta). The Cynefin framework, created by Dave Snowden, is a decision-making framework that categorizes problems into five complexity domains, widely used in agile, incident management, strategy, and organizational design.

  • #7721 f45cc2c Thanks @​notionparallax! - feat(treeView): add box-drawing character input support for treeView diagrams

  • #7550 f1f4d45 Thanks @​DominicBurkart! - feat(xychart): add per-point text labels for xychart line plots

  • #7527 b4d0442 Thanks @​notionparallax! - feat(treeView): Extends the existing treeView-beta diagram with features useful for representing file/directory structures.

  • #7793 a6f097d Thanks @​SSDWGG! - feat(er): support optional ER attribute types with a ? suffix

  • #7772 37f2e36 Thanks @​devareddy05! - feat(gantt): support multiple excludes / includes lines so long exclusion lists can be split into commented groups (#6270)

  • #7708 4e63e9d Thanks @​txmxthy! - feat(architecture): add align row|column {ids…} directive to architecture-beta diagrams so authors can declare horizontal or vertical alignment of services explicitly.

  • #7760 05223be Thanks @​ngdaniels! - feat(pie): Enhance Pie Chart - Enable donut chart, Set legend position, and highlight slice

  • #7251 216e4e9 Thanks @​ydah! - feat(railroad): Add support for Railroad Diagrams (Syntax Diagrams) with four input syntaxes: IR (railroad-beta), EBNF (railroad-ebnf-beta), ABNF (railroad-abnf-beta), and PEG (railroad-peg-beta).

  • #7774 e5c75e6 Thanks @​ngdaniels! - feat(xychart): enable rotate label on X-axis

  • #7791 974fa7b Thanks @​knsv-bot! - feat(swimlane): add swimlane as a standalone diagram type with a dedicated layered orthogonal layout algorithm

Patch Changes

... (truncated)

Commits
  • 7c0cafc Version Packages: v11.16.0 (#7916)
  • 26acd1a Merge pull request #7915 from mermaid-js/release/11.16.0
  • 5a8eae7 Merge branch 'master' into release/11.16.0
  • dd5ea77 Merge pull request #7913 from mermaid-js/pebr/fix-changesets
  • 658ee66 docs: fix missing bumps of @mermaid-js/parser
  • 04259a1 docs: fix author and commit on examples changeset
  • c9dcfb1 docs: update changeset diagram scopes
  • a34dab9 docs: remove swimlane/cynefin bugfix changesets
  • e81f31f docs: remove local-editor changeset
  • 7223f03 Minor correction
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [mermaid](https://github.com/mermaid-js/mermaid) from 11.15.0 to 11.16.0.
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.15.0...mermaid@11.16.0)

---
updated-dependencies:
- dependency-name: mermaid
  dependency-version: 11.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 26, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jun 26, 2026

Copy link
Copy Markdown

Deploying agent-render with  Cloudflare Pages  Cloudflare Pages

Latest commit: d839308
Status: ✅  Deploy successful!
Preview URL: https://6993e5c8.agent-render.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-merm-25hp.agent-render.pages.dev

View logs

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedmermaid@​11.15.0 ⏵ 11.16.088 +14100100 +196100

View full report

@socket-security

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm mermaid is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package-lock.jsonnpm/mermaid@11.16.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/mermaid@11.16.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@kilo-code-bot

kilo-code-bot Bot commented Jun 26, 2026

Copy link
Copy Markdown

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Files Reviewed (2 files)
  • package.json
  • package-lock.json

This is a Dependabot dependency bump for mermaid (11.15.0 → 11.16.0). The only changes are the version string in package.json and the corresponding regenerated lockfile entries in package-lock.json. No application code paths were modified, so no high-confidence bugs, security, or logic issues were found in the PR changes.


Reviewed by glm-5.2-short · Input: 53.8K · Output: 949 · Cached: 100.4K

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants