chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: mathjs and basic-ftp.

Updates mathjs from 14.6.0 to 15.2.0

Changelog

Sourced from mathjs's changelog.

2026-04-07, 15.2.0

• Feat: Add amp-hour charge unit Ah (#3617). Thanks @​adrfantini.
• Feat: #3595 implement num and den functions returning the parts of a fraction (#3605). Thanks @​AnslemHack.
• Fix: Provide TypeScript types for [and/or]TransformDependencies (#3639). Thanks @​NilsDietrich.
• Fix: two security vulnerabilities that allowed executing arbitrary JavaScript via the expression parser. Thanks @​CykuTW for finding and reporting them.

2026-02-10, 15.1.1

• Fix: #3631 Handle bigints in compareNatural (#3632). Thanks @​Dheemanth07.
• Fix: #3578 interpret empty true-expr of conditional as error (#3581). Thanks @​gwhitney.
• Fix: #3597 added nullish type definitions (#3601). Thanks @​Ayo1984.
• Docs: Correct several arithmetic and relational documentation examples and add History (#3630). Thanks @​Anadian.
• Docs: fix #3565, update Matrix documentation (#3591). Thanks @​orelbn.
• Docs: #3341 add per-function HISTORY sections (#3606). Thanks @​gwhitney.
• Docs: describe that setDistinct sorts the elements (see #3602).

2025-11-05, 15.1.0

• Feat: implement functions isFinite and isBounded (#3554, #3553). Thanks @​gwhitney.
• Feat: add function bernoulli to calculate Bernoulli numbers (#3551). Thanks @​gwhitney.
• Feat: support for optional chaining object?.key (#3547). Thanks @​NilsDietrich.
• Fix: #3580, #3586, #3587 issues with the optional chaining operator: disallow double dot ?.., allow optional function calls, throw errors on invalid uses of ?. (#3585). Thanks @​AnslemHack.
• Fix: #3579 conditional parsed as optional chaining (#3584).
• Fix: #3564 Avoid error throws when mapping/filtering empty arrays/matrices. (#3567). Thanks @​richardt-cla.
• Fix: #3574 respect tolerances in function isInteger (#3575). Thanks @​gwhitney.
• Fix: #3562 serializing units missing an internal property (#3572).

2025-10-10, 15.0.0

!!! BE CAREFUL: BREAKING CHANGES !!!

• Feat: #3349 Decouple precedence of unary percentage operator and binary modulus operator (that both use symbol %), and raise the former (#3432). Thanks @​kiprobinsonknack.
• Feat: #1753 enhance Kronecker product to handle arbitrary dimension (#3461, #3455). Thanks @​gwhitney and @​Delaney.
• Feat: #2344 matrix subset according to the type of input (#3485).

... (truncated)

Commits

• fee4561 chore: publish v15.2.0
• 139dcab chore: update history
• 0aee2f6 fix: two security vulnerabilities allowing execution of arbitrary JavaScript ...
• f7c10b1 feat: Fraction numerator and denominator helper functions (#3605)
• 2066220 feat: Add Ah charge unit (#3617)
• 685da0f chore: Add andTransformDependencies and orTransformDependencies to index.d.ts...
• 8fe12e5 docs: update links to TestMu AI
• e50b18b chore: fix linting issues
• e910b54 chore: publish v15.1.1
• ed10f50 chore: run npm audit fix
• Additional commits viewable in compare view

Updates basic-ftp from 5.2.0 to 5.2.2

Release notes

Sourced from basic-ftp's releases.

5.2.2

• Fixed: Improve control character rejection, fixes GHSA-6v7q-wjvx-w8wg.

5.2.1

• Fixed: Reject control character injection attempts using paths. See GHSA-chqc-8p9q-pq6q.

Changelog

Sourced from basic-ftp's changelog.

5.2.2

• Fixed: Improve control character rejection, fixes GHSA-6v7q-wjvx-w8wg.

5.2.1

• Fixed: Reject control character injection attempts using paths. See GHSA-chqc-8p9q-pq6q.

Commits

• e9d09d6 Bump version
• 20327d3 Move prevention of control character injection to more central place
• ba40f9d Update dev dependencies
• 6b0008b Bump version
• 2ecc8e2 Reject control character injection attempts using paths
• 515d21f Update security policy and reporting instructions
• 9744254 Link to security advisory
• See full diff in compare view

Maintainer changes

This version was pushed to npm by patrickjuchli, a new releaser for basic-ftp since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.