chore(deps): bump handlebars from 4.7.8 to 4.7.9 in /plugins/commercetools

[dependabot]

Bumps handlebars from 4.7.8 to 4.7.9.

Release notes

Sourced from handlebars's releases.

v4.7.9

• fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
• fix type "RuntimeOptions" also accepting string partials - eab1d14
• feat(types): set hash to be a Record<string, any> - de4414d
• fix non-contiguous program indices - 4512766
• refactor: rename i to startPartIndex - e497a35
• security: fix security issues - 68d8df5
  • GHSA-2w6w-674q-4c4q
  • GHSA-3mfm-83xf-c92r
  • GHSA-xhpv-hc6g-r9c6
  • GHSA-xjpj-3mr7-gcpf
  • GHSA-9cx6-37pm-9jff
  • GHSA-2qvq-rjwj-gvw9
  • GHSA-7rx3-28cr-v5wh
  • GHSA-442j-39wm-28r2

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

• fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
• fix type "RuntimeOptions" also accepting string partials - eab1d14
• feat(types): set hash to be a Record<string, any> - de4414d
• fix non-contiguous program indices - 4512766
• refactor: rename i to startPartIndex - e497a35
• security: fix security issues - 68d8df5

Commits

Commits

• dce542c v4.7.9
• 8a41389 Update release notes
• 68d8df5 Fix security issues
• b2a0831 Fix browser tests
• 9f98c16 Fix release script
• 45443b4 Revert "Improve partial indenting performance"
• 8841a5f Fix CI errors with linting
• e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
• e914d60 Improve rendering performance
• 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
• Additional commits viewable in compare view

---

Note

Low Risk
Low risk dependency-only change confined to plugins/commercetools lockfile; main risk is unexpected transitive dependency resolution differences during install/build.

Overview
Updates plugins/commercetools/package-lock.json to use handlebars@4.7.9 (from 4.7.8) for the commercetools plugin.

The lockfile regeneration also adjusts transitive/optional packages (e.g., adds fsevents and removes some previously locked optional peer entries like encoding and a few jest-circus nested deps), without changing runtime source code.

^{Written by Cursor Bugbot for commit 71b6d2d. This will update automatically on new commits. Configure here.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 71b6d2d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

🤖 Nx Cloud AI Fix Eligible

An automatically generated fix could have helped fix failing tasks for this run, but Self-healing CI is disabled for this workspace. Visit workspace settings to enable it and get automatic fixes in future runs.

_{To disable these notifications, a workspace admin can disable them in workspace settings.}

---

View your CI Pipeline Execution ↗ for commit 71b6d2d

Command	Status	Duration	Result
nx test @snippet/react	❌ Failed	11m 3s	View ↗
nx test @e2e/nuxt	✅ Succeeded	5m 47s	View ↗
nx test @e2e/angular-17-ssr	✅ Succeeded	5m 24s	View ↗
nx test @e2e/angular-19-ssr	✅ Succeeded	5m 27s	View ↗
nx test @e2e/qwik-city	✅ Succeeded	7m 56s	View ↗
nx test @e2e/svelte	✅ Succeeded	4m 39s	View ↗
nx test @e2e/angular-17	✅ Succeeded	6m 54s	View ↗
nx test @snippet/hydrogen	✅ Succeeded	1m 16s	View ↗
Additional runs (38)	✅ Succeeded	...	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-04-02 16:40:49 UTC