fix(deps): bump the patch-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the patch-dependencies group with 4 updates in the / directory: @heroku-cli/color, @heroku-cli/notifications, fs-extra and @heroku-cli/schema.

Updates @heroku-cli/color from 2.0.4 to 2.0.5

Release notes

Sourced from @​heroku-cli/color's releases.

color: v2.0.5

2.0.5 (2026-01-29)

Bug Fixes

• deps: bump lodash from 4.17.21 to 4.17.23 (#142) (b5b812f)

Miscellaneous Chores

• bump actions/checkout from 3 to 6 (#138) (a8ead5c)
• bump actions/setup-node from 3 to 6 (#137) (6089bdb)
• onboard shared workflows (#133) (c40e2b1)
• onboard shared workflows (#141) (efb7e2a)
• Resolve 3PP vulnerabilities (W-20328182) (7816ddf)

Changelog

Sourced from @​heroku-cli/color's changelog.

2.0.5 (2026-01-29)

Bug Fixes

• deps: bump lodash from 4.17.21 to 4.17.23 (#142) (b5b812f)

Miscellaneous Chores

• bump actions/checkout from 3 to 6 (#138) (a8ead5c)
• bump actions/setup-node from 3 to 6 (#137) (6089bdb)
• onboard shared workflows (#133) (c40e2b1)
• onboard shared workflows (#141) (efb7e2a)
• Resolve 3PP vulnerabilities (W-20328182) (7816ddf)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​heroku-cli/color since your current version.

Updates @heroku-cli/notifications from 1.2.5 to 1.2.6

Release notes

Sourced from @​heroku-cli/notifications's releases.

notifications: v1.2.6

1.2.6 (2026-02-05)

Bug Fixes

• silence notification errors on macOS (#85) (ac8b743)

Miscellaneous Chores

• adding workflows for onboarding to the npm-release-workflows shared release (#81) (43e91ce)
• deps-dev: bump @​types/node from 20.14.8 to 24.3.1 (#56) (2c2a90f)
• deps-dev: bump @​types/node from 24.3.1 to 24.10.1 (#70) (5f4e3bd)
• deps-dev: bump chai and @​types/chai (#27) (b55e9d4)
• deps-dev: bump chai from 5.2.0 to 6.2.0 (#61) (12443a5)
• deps-dev: bump chai from 6.2.0 to 6.2.1 (#72) (3d8e8b5)
• deps-dev: bump eslint-plugin-mocha from 10.5.0 to 11.0.0 (#59) (0e3a2d9)
• deps-dev: bump mocha from 10.8.2 to 11.7.2 (#53) (1162cbe)
• deps-dev: bump typescript from 4.8.4 to 5.9.3 (#63) (df572c1)
• deps: bump lodash from 4.17.21 to 4.17.23 (#82) (0eec74f)
• update glob resolution in yarn.lock (#69) (1647eb4)
• update PR template (#84) (3442ae5)

Changelog

Sourced from @​heroku-cli/notifications's changelog.

1.2.6 (2026-02-05)

Bug Fixes

• silence notification errors on macOS (#85) (ac8b743)

Miscellaneous Chores

• adding workflows for onboarding to the npm-release-workflows shared release (#81) (43e91ce)
• deps-dev: bump @​types/node from 20.14.8 to 24.3.1 (#56) (2c2a90f)
• deps-dev: bump @​types/node from 24.3.1 to 24.10.1 (#70) (5f4e3bd)
• deps-dev: bump chai and @​types/chai (#27) (b55e9d4)
• deps-dev: bump chai from 5.2.0 to 6.2.0 (#61) (12443a5)
• deps-dev: bump chai from 6.2.0 to 6.2.1 (#72) (3d8e8b5)
• deps-dev: bump eslint-plugin-mocha from 10.5.0 to 11.0.0 (#59) (0e3a2d9)
• deps-dev: bump mocha from 10.8.2 to 11.7.2 (#53) (1162cbe)
• deps-dev: bump typescript from 4.8.4 to 5.9.3 (#63) (df572c1)
• deps: bump lodash from 4.17.21 to 4.17.23 (#82) (0eec74f)
• update glob resolution in yarn.lock (#69) (1647eb4)
• update PR template (#84) (3442ae5)

1.2.1 (2018-05-15)

Bug Fixes

• updated deps (960f999)

1.2.0 (2018-04-06)

Features

• added heroku image by default (c8f3070)

1.1.0 (2018-04-06)

Features

• added force option (93fd098)

1.0.3 (2018-04-06)

... (truncated)

Commits

• 2653644 chore(main): release notifications 1.2.6 (#83)
• ac8b743 fix: silence notification errors on macOS (#85)
• 3442ae5 chore: update PR template (#84)
• 43e91ce chore: adding workflows for onboarding to the npm-release-workflows shared re...
• 0eec74f chore(deps): bump lodash from 4.17.21 to 4.17.23 (#82)
• 3d8e8b5 chore(deps-dev): bump chai from 6.2.0 to 6.2.1 (#72)
• 0e3a2d9 chore(deps-dev): bump eslint-plugin-mocha from 10.5.0 to 11.0.0 (#59)
• 5f4e3bd chore(deps-dev): bump @​types/node from 24.3.1 to 24.10.1 (#70)
• df572c1 chore(deps-dev): bump typescript from 4.8.4 to 5.9.3 (#63)
• 1647eb4 chore: update glob resolution in yarn.lock (#69)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​heroku-cli/notifications since your current version.

Updates fs-extra from 11.3.0 to 11.3.3

Changelog

Sourced from fs-extra's changelog.

11.3.3 / 2025-12-18

• Fix copying symlink when destination is a symlink to the same target (#1019, #1060)

11.3.2 / 2025-09-15

• Fix spurrious UnhandledPromiseRejectionWarning that could occur when calling .copy() in some cases (#1056, #1058)

11.3.1 / 2025-08-05

• Fix case where move/moveSync could incorrectly think files are identical on Windows (#1050)

Commits

• 1de81e9 11.3.3
• ddc46f7 Fix symlink copy failing when source and dest symlinks point to same target (...
• 5023c22 Use macos-15-intel runner (#1061)
• 403e8aa 11.3.2
• 47f1095 Fix UnhandledPromiseRejectionWarning in copy (#1058)
• 5e62bb7 11.3.1
• b897b36 fix incorrect identical result for windows node v22+ (#1050)
• 22583f7 Test on more modern Node versions (#1051)
• 83ff8ca Do not mutate args in ensure symlink tests (#1052)
• See full diff in compare view

Updates @heroku-cli/schema from 2.0.0 to 2.0.1

Release notes

Sourced from @​heroku-cli/schema's releases.

schema: v2.0.1

2.0.1 (2026-01-29)

Bug Fixes

• deps: bump lodash from 4.17.21 to 4.17.23 (#66) (994317f)
• update dependencies to fix high vulnerabilities (9c17409)
• update package version to resolve glob vuln (#56) (df9cf99)

Miscellaneous Chores

• Add @​heroku/frontend-dev-tooling to CODEOWNERS (#63) (d45fde0)
• deps-dev: bump eslint from 8.57.0 to 8.57.1 (#46) (806e7a6)
• deps-dev: bump eslint-config-oclif-typescript (#49) (e01ddf3)
• deps-dev: bump the dev-deps group with 2 updates (#62) (63ac8de)
• deps: bump js-yaml from 4.1.0 to 4.1.1 (3f1c629)
• deps: bump js-yaml from 4.1.0 to 4.1.1 (24540c0)
• onboard shared workflows (#58) (90cad55)
• onboard shared workflows (#65) (f9b70d5)
• Remove redundant team from CODEOWNERS (#64) (27a3b6e)

Changelog

Sourced from @​heroku-cli/schema's changelog.

2.0.1 (2026-01-29)

Bug Fixes

• deps: bump lodash from 4.17.21 to 4.17.23 (#66) (994317f)
• update dependencies to fix high vulnerabilities (9c17409)
• update package version to resolve glob vuln (#56) (df9cf99)

Miscellaneous Chores

• Add @​heroku/frontend-dev-tooling to CODEOWNERS (#63) (d45fde0)
• deps-dev: bump eslint from 8.57.0 to 8.57.1 (#46) (806e7a6)
• deps-dev: bump eslint-config-oclif-typescript (#49) (e01ddf3)
• deps-dev: bump the dev-deps group with 2 updates (#62) (63ac8de)
• deps: bump js-yaml from 4.1.0 to 4.1.1 (3f1c629)
• deps: bump js-yaml from 4.1.0 to 4.1.1 (24540c0)
• onboard shared workflows (#58) (90cad55)
• onboard shared workflows (#65) (f9b70d5)
• Remove redundant team from CODEOWNERS (#64) (27a3b6e)

1.0.22 (2018-10-02)

Bug Fixes

• updated schema (4c3b87b)

1.0.21 (2018-09-14)

Bug Fixes

• updated deps (c6b93ed)
• updated schema (5f496dc)

1.0.20 (2018-09-11)

Bug Fixes

• updated schema (7a5d0c5)

1.0.19 (2018-09-05)

Bug Fixes

• updated schema (6338c09)

... (truncated)

Commits

• dbcc57b chore(main): release schema 2.0.1 (#61)
• 994317f fix(deps): bump lodash from 4.17.21 to 4.17.23 (#66)
• f9b70d5 chore: onboard shared workflows (#65)
• 27a3b6e chore: Remove redundant team from CODEOWNERS (#64)
• 63ac8de chore(deps-dev): bump the dev-deps group with 2 updates (#62)
• d45fde0 chore: Add @​heroku/frontend-dev-tooling to CODEOWNERS (#63)
• 90cad55 chore: onboard shared workflows (#58)
• e01ddf3 chore(deps-dev): bump eslint-config-oclif-typescript (#49)
• 3f1c629 Merge pull request #55 from heroku/dependabot/npm_and_yarn/js-yaml-4.1.1
• 24540c0 chore(deps): bump js-yaml from 4.1.0 to 4.1.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​heroku-cli/schema since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions