Skip to content

chore(deps): bump @socialgouv/matomo-next from 1.11.0 to 1.13.1#2860

Open
dependabot[bot] wants to merge 1 commit intoalphafrom
dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1
Open

chore(deps): bump @socialgouv/matomo-next from 1.11.0 to 1.13.1#2860
dependabot[bot] wants to merge 1 commit intoalphafrom
dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 2, 2026
edited
Loading

Bumps @socialgouv/matomo-next from 1.11.0 to 1.13.1.

Release notes

Sourced from @​socialgouv/matomo-next's releases.

v1.13.1

1.13.1 (2026-02-27)

Bug Fixes

  • format: ajout de prettier comme formatter dans la CI (#158) (db4e310)
Changelog

Sourced from @​socialgouv/matomo-next's changelog.

1.13.1 (2026-02-27)

Bug Fixes

  • format: ajout de prettier comme formatter dans la CI (#158) (db4e310)

1.13.0 (2026-02-27)

Features

  • add server-side tracking proxy to bypass ad-blockers (#157) (913e3b1)

1.12.0 (2026-02-27)

Bug Fixes

  • types: trackEvent cannot accept à string on the latest parameters + add some types of the library (#148) (73649db)

Features

  • add A/B testing support with React hooks (#155) (89f5d58)
Commits
  • 2946cf6 chore(release): version 1.13.1
  • db4e310 fix(format): ajout de prettier comme formatter dans la CI (#158)
  • d853b7c chore(release): version 1.13.0
  • 913e3b1 feat: add server-side tracking proxy to bypass ad-blockers (#157)
  • f0c12b2 chore(release): version 1.12.0
  • 89f5d58 feat: add A/B testing support with React hooks (#155)
  • a1cfa53 chore: migrate from yarn to pnpm 10 + update all dependencies (#154)
  • 73649db fix(types): trackEvent cannot accept à string on the latest parameters + ad...
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​socialgouv/matomo-next since your current version.


Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 2, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 2, 2026

Labels

The following labels could not be found: bot. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@socket-security
Copy link
Copy Markdown

socket-security Bot commented Mar 2, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​socialgouv/​matomo-next@​1.11.0 ⏵ 1.13.184 -910010090 -1100

View full report

@socket-security
Copy link
Copy Markdown

socket-security Bot commented Mar 2, 2026
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @socialgouv/matomo-next is 98.0% likely obfuscated

Confidence: 0.98

Location: Package overview

From: packages/app/package.jsonnpm/@socialgouv/matomo-next@1.13.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@socialgouv/matomo-next@1.13.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm @socialgouv/matomo-next is 98.0% likely obfuscated

Confidence: 0.98

Location: Package overview

From: packages/app/package.jsonnpm/@socialgouv/matomo-next@1.13.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@socialgouv/matomo-next@1.13.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 94e4327 to 601f8f6 Compare March 3, 2026 11:51
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 601f8f6 to 46be4f4 Compare March 9, 2026 00:05
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 46be4f4 to 20e7c0b Compare March 10, 2026 10:14
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 20e7c0b to 02928d5 Compare March 16, 2026 16:59
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 02928d5 to 64d7165 Compare March 17, 2026 12:14
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 64d7165 to ef8b770 Compare March 18, 2026 17:39
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from ef8b770 to 4c96fb3 Compare March 19, 2026 14:43
@dependabot dependabot Bot requested a review from a team as a code owner March 19, 2026 14:43
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 4c96fb3 to 6ba3a7f Compare March 24, 2026 10:21
@maxgfr maxgfr removed the request for review from a team March 24, 2026 11:21
@dependabot
chore(deps): bump @socialgouv/matomo-next from 1.11.0 to 1.13.1
a07e50e 
Bumps [@socialgouv/matomo-next](https://github.com/SocialGouv/matomo-next) from 1.11.0 to 1.13.1.
- [Release notes](https://github.com/SocialGouv/matomo-next/releases)
- [Changelog](https://github.com/SocialGouv/matomo-next/blob/master/CHANGELOG.md)
- [Commits](SocialGouv/matomo-next@v1.11.0...v1.13.1)

---
updated-dependencies:
- dependency-name: "@socialgouv/matomo-next"
  dependency-version: 1.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/alpha/socialgouv/matomo-next-1.13.1 branch from 6ba3a7f to a07e50e Compare March 30, 2026 16:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants