From dc01f7858a79ae1b7b14bbd80f45f3caefba71ca Mon Sep 17 00:00:00 2001
From: Jonathan Norris <jonathan.norris@dynatrace.com>
Date: Wed, 13 May 2026 09:40:05 -0400
Subject: [PATCH 1/2] chore: resolve open dependabot security alerts

- fast-uri 3.1.0 -> 3.1.2 via yarn resolution (high, alerts #44 #45)
---
 package.json | 3 ++-
 yarn.lock    | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 9549616..8fc6433 100644
--- a/package.json
+++ b/package.json
@@ -28,6 +28,7 @@
     "handlebars": "^4.7.9",
     "picomatch": "^2.3.2",
     "flatted": "^3.4.2",
-    "minimatch": "^9.0.7"
+    "minimatch": "^9.0.7",
+    "fast-uri": ">=3.1.2"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index de253a7..b46622d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -562,10 +562,10 @@ fast-levenshtein@^2.0.6:
   resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
   integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
 
-fast-uri@^3.0.1:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.0.tgz#66eecff6c764c0df9b762e62ca7edcfb53b4edfa"
-  integrity sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==
+fast-uri@>=3.1.2, fast-uri@^3.0.1:
+  version "3.1.2"
+  resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.2.tgz#8af3d4fc9d3e71b11572cc2673b514a7d1a8c8ec"
+  integrity sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==
 
 fastq@^1.6.0:
   version "1.20.1"

From 73390150b0174b00bdd5b2fa45738aa2bc30a7d8 Mon Sep 17 00:00:00 2001
From: Jonathan Norris <jonathan.norris@dynatrace.com>
Date: Thu, 14 May 2026 09:34:11 -0400
Subject: [PATCH 2/2] fix: narrow fast-uri resolution to ^3.1.2 to prevent
 unexpected major bumps

---
 package.json | 2 +-
 yarn.lock    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 8fc6433..367d5cf 100644
--- a/package.json
+++ b/package.json
@@ -29,6 +29,6 @@
     "picomatch": "^2.3.2",
     "flatted": "^3.4.2",
     "minimatch": "^9.0.7",
-    "fast-uri": ">=3.1.2"
+    "fast-uri": "^3.1.2"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index b46622d..a4886c0 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -562,7 +562,7 @@ fast-levenshtein@^2.0.6:
   resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
   integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
 
-fast-uri@>=3.1.2, fast-uri@^3.0.1:
+fast-uri@^3.1.2, fast-uri@^3.0.1:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.2.tgz#8af3d4fc9d3e71b11572cc2673b514a7d1a8c8ec"
   integrity sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==