[Snyk] Upgrade iconv-lite from 0.6.3 to 0.7.0

[hashim21223445]

Snyk has created this PR to upgrade iconv-lite from 0.6.3 to 0.7.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 21 days ago.

Release notes

Package name: iconv-lite

• 0.7.0 - 2025-08-20
  

  🐞 Bug fixes

  • Handle split surrogate pairs when encoding utf8 - by @ yosion-p and @ ashtuchkin in #282:

    Handle a case where streaming utf8 encoder (converting js strings -> buffers) encounters
    surrogate pairs split between chunks (last character of one chunk is high surrogate and first
    character of the next chunk is a low surrogate).

  • Avoid false positives in encodingExists by using objects without a prototype - by @ bjohansebas in #328

    The encodingExists method could return incorrect results if the lookup matched properties inherited
    from the prototype of the object that stores the encodings, such as constructor and others. This change
    replaces that object with one that has no prototype, ensuring that only explicitly defined valid encodings
    in the library are considered. In addition, the fix is applied to the internal cache system to avoid the same
    kind of false positives

  🚀 Improvements

  • Make explicit that decode() method supports Uint8Array input - by @ jardicc in #271
  • Remove compatibility check for StringDecoder.end method - by @ bjohansebas in #331

  Other changes

  • chore: update .npmignore to ignore unnecessary files by @ vain0x in #292
  • ci: use github actions instead travis by @ bjohansebas in #324
  • ci: add codeql by @ bjohansebas in #325
  • chore: update performance tests to use bench-node for benchmarking by @ bjohansebas in #332
  • feat: adopt neostandard as linter by @ bjohansebas in #333
  • chore: support node.js >=6, remove safe-buffer by @ bjohansebas in #335
  • Revert "chore: support node.js >=6, remove safe-buffer (#335)" by @ bjohansebas in #336
  • docs(package.json): update repo name and add funding field by @ bjohansebas in #337
  • chore: remove object-assign by @ bjohansebas and @ ljharb in #338
  • release: 0.7.0 by @ bjohansebas in #334
  • ci: bump actions/download-artifact from 4 to 5 by @ dependabot[bot] in #326
  • ci: bump github/codeql-action from 3.29.2 to 3.29.8 by @ dependabot[bot] in #327

  New Contributors

  • @ yosion-p made their first contribution in #282
  • @ jardicc made their first contribution in #271
  • @ vain0x made their first contribution in #292
  • @ bjohansebas made their first contribution in #324
  • @ dependabot[bot] made their first contribution in #326

  Full Changelog: v0.6.3...v0.7.0

• 0.6.3 - 2021-05-24
  No content.

from iconv-lite GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
package.json	0% smaller

[gemini-code-assist]

Summary of Changes

Hello @hashim21223445, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the iconv-lite library to its latest stable version. This upgrade is crucial for maintaining the project's health by integrating recent bug fixes related to character encoding and minor functional improvements, ensuring more robust and reliable text processing.

Highlights

• Dependency Upgrade: Upgraded the iconv-lite dependency from version 0.6.3 to 0.7.0, incorporating the latest fixes and improvements.
• Bug Fixes: The new version resolves issues with handling split UTF-8 surrogate pairs during encoding and eliminates false positives in the encodingExists method by using objects without a prototype.
• Improvements: The decode() method now explicitly supports Uint8Array input, and an outdated compatibility check for StringDecoder.end has been removed.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[snyk-io]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

[gemini-code-assist]

Code Review

This pull request, generated by Snyk, updates the iconv-lite development dependency from version 0.6.3 to 0.7.0. This is a minor update that brings in bug fixes and improvements, such as better handling of UTF-8 surrogate pairs and Uint8Array input for the decode() method. The change is confined to package.json and, being a minor version bump for a dev dependency, it should be safe to merge. The update is correct and follows best practices for keeping dependencies up-to-date.