Skip to content

build(deps): bump the all-dependencies group across 1 directory with 6 updates #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

build(deps): bump the all-dependencies group across 1 directory with 6 updates #5

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 27, 2025
edited
Loading

Bumps the all-dependencies group with 6 updates in the / directory:

Package From To
commander 12.1.0 14.0.2
ora 8.2.0 9.0.0
@biomejs/biome 1.9.4 2.3.10
@types/node 22.18.13 25.0.3
oxlint 0.16.12 1.35.0
vitest 4.0.14 4.0.16

Updates commander from 12.1.0 to 14.0.2

Release notes

Sourced from commander's releases.

v14.0.2

Changed

  • improve negative number auto-detection test (#2428)
  • update (dev) dependencies

v14.0.1

Fixed

  • broken markdown link in README (#2369)

Changed

  • improve code readability by using optional chaining (#2394)
  • use more idiomatic code with object spread instead of Object.assign() (#2395)
  • improve code readability using string.endsWith() instead of string.slice() (#2396)
  • refactor .parseOptions() to process args array in-place (#2409)
  • change private variadic support routines from ._concatValue() to ._collectValue() (change code from array.concat() to array.push()) (#2410)
  • update (dev) dependencies

v14.0.0

Added

  • support for groups of options and commands in the help using low-level .helpGroup() on Option and Command, and higher -level .optionsGroup() and .commandsGroup() which can be used in chaining way to specify group title for following option s/commands (#2328)
  • support for unescaped negative numbers as option-arguments and command-arguments (#2339)
  • TypeScript: add parseArg property to Argument class (#2359)

Fixed

  • remove bogus leading space in help when option has default value but not a description (#2348)
  • .configureOutput() now makes copy of settings instead of modifying in-place, fixing side-effects (#2350)

Changed

  • Breaking: Commander 14 requires Node.js v20 or higher
  • internal refactor of Help class adding .formatItemList() and .groupItems() methods (#2328)

v13.1.0

Added

  • support a pair of long option flags to allow a memorable shortened flag, like .option('--ws, --workspace') (#2312)

v13.0.0

Added

  • support multiple calls to .parse() with default settings (#2299)
  • add .saveStateBeforeParse() and .restoreStateBeforeParse() for use by subclasses (#2299)
  • style routines like styleTitle() to add color to help using .configureHelp() or Help subclass (#2251)

... (truncated)

Changelog

Sourced from commander's changelog.

[14.0.2] (2025-10-25)

Changed

  • improve negative number auto-detection test (#2428)
  • update (dev) dependencies

[14.0.1] (2025-09-12)

Fixed

  • broken markdown link in README (#2369)

Changed

  • improve code readability by using optional chaining (#2394)
  • use more idiomatic code with object spread instead of Object.assign() (#2395)
  • improve code readability using string.endsWith() instead of string.slice() (#2396)
  • refactor .parseOptions() to process args array in-place (#2409)
  • change private variadic support routines from ._concatValue() to ._collectValue() (change code from array.concat() to array.push()) (#2410)
  • update (dev) dependencies

[14.0.0] (2025-05-18)

Added

  • support for groups of options and commands in the help using low-level .helpGroup() on Option and Command, and higher-level .optionsGroup() and .commandsGroup() which can be used in chaining way to specify group title for following options/commands (#2328)
  • support for unescaped negative numbers as option-arguments and command-arguments (#2339)
  • TypeScript: add parseArg property to Argument class (#2359)

Fixed

  • remove bogus leading space in help when option has default value but not a description (#2348)
  • .configureOutput() now makes copy of settings instead of modifying in-place, fixing side-effects (#2350)

Changed

  • Breaking: Commander 14 requires Node.js v20 or higher
  • internal refactor of Help class adding .formatItemList() and .groupItems() methods (#2328)

[13.1.0] (2025-01-21)

Added

  • support a pair of long option flags to allow a memorable shortened flag, like .option('--ws, --workspace') (#2312)

[13.0.0] (2024-12-30)

Added

... (truncated)

Commits

Updates ora from 8.2.0 to 9.0.0

Release notes

Sourced from ora's releases.

v9.0.0

Breaking

  • Require Node.js 20 7aca06d

Fixes

  • Fix clearing in some cases aa51538
  • Fix frame() not displaying dynamic prefixText/suffixText from functions 0f19f57
  • Fix multiline text exceeding console height leaving garbage when scrolling 45d30ad

sindresorhus/ora@v8.2.0...v9.0.0

Commits
  • 20d4bdb 9.0.0
  • 7aca06d Require Node.js 20
  • aa51538 Fix clearing in some cases
  • 9125620 Add FAQs
  • 0f19f57 Fix frame() not displaying dynamic prefixText/suffixText from functions
  • 45d30ad Fix multiline text exceeding console height leaving garbage when scrolling
  • See full diff in compare view

Updates @biomejs/biome from 1.9.4 to 2.3.10

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.10

2.3.10

Patch Changes

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.10

Patch Changes

2.3.9

Patch Changes

  • #8232 84c9e08 Thanks @​ruidosujeira! - Added the nursery rule noScriptUrl.

    This rule disallows the use of javascript: URLs, which are considered a form of eval and can pose security risks such as XSS vulnerabilities.

    <a href="javascript:alert('XSS')">Click me</a>

  • #8341 343dc4d Thanks @​arendjr! - Added the nursery rule useAwaitThenable, which enforces that await is only used on Promise values.

    Invalid

    await "value";
const createValue = () => "value";
await createValue();

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​biomejs/biome since your current version.


Updates @types/node from 22.18.13 to 25.0.3

Commits

Updates oxlint from 0.16.12 to 1.35.0

Release notes

Sourced from oxlint's releases.

oxlint v1.26.0

[1.26.0] - 2025-11-05

🚀 Features

  • 6f4a50c linter: Implement react/state-in-constructor rule (#15329) (Mikhail Baev)
  • 230e34c linter/plugins: Allow js plugins to access settings (#14724) (Arsh)
  • 8d69661 allocator: Add Address::from_ref method (#15318) (overlookmotel)
  • 798216b language_server: Respect disable directives for type-aware rules (#15170) (Sysix)
  • 7a00691 linter/no-deprecated: Add rule (#15272) (camc314)
  • ab065a9 tsgolint: Improve diagnostic messages with file reference (#15274) (camc314)
  • 26f24d5 linter: Permit comments in .oxlintrc.json via json schema file (#15249) (Martin Leduc)
  • 979ec04 linter: Pretty print tsgolint internal diagnostics (#15131) (camc314)
  • 682dca2 parser: Add more helps to parser errors (#15186) (sapphi-red)

🐛 Bug Fixes

  • 40231a6 linter/plugins, napi/parser: Add parent field to FormalParameterRest and TSParameterProperty in TS type defs (#15337) (overlookmotel)
  • 861508a linter/plugins: Make parent fields in TS type defs non-optional (#15336) (overlookmotel)
  • e0edaef language-server: Disable tsgolint test on big endian (#15331) (camc314)
  • 1d09cc9 linter/no-unused-private-class-members: Fix false positive in conditional expressino (#15319) (camc314)
  • 7f079ab ast/estree: Fix raw transfer deserializer for AssignmentTargetPropertyIdentifier (#15304) (overlookmotel)
  • 56c6627 linter/plugins: Resolve JS plugins only with conditions Node.js supports (#15248) (sapphi-red)
  • d6996d0 linter: Fix JSON schema to deny additional properties for categories enum. (#15257) (Connor Shea)
  • 9304f9f linter: Fix JSON schema to deny additional properties for plugins enum. (#15259) (Connor Shea)
  • 6a884d3 linter: Return error diagnostics if tsgolint fails (#15229) (camc314)
  • 86cfae1 language-server: Log error if tsgolint fails to run (#15228) (camc314)
  • f376e61 linter: Bundle @typescript-eslint/scope-manager (#15210) (Arsh)
  • 377e904 linter: Ignore script tag in code comment (#15202) (Liang Mi)
  • b26900c linter: Improve diagnostic for react/button-has-type. (#15200) (Connor Shea)
  • 80a187c linter: Add offset for parsing error in partial loading files (#15075) (Liang Mi)
  • af257da linter/no-unused-vars: False positive with member expressions in sequence expressions (#15190) (magic-akari)
  • 1f365c8 vscode/test: Make formatting test less flaky (#15120) (camc314)

🚜 Refactor

  • 636e7ed linter/plugins: Shorten ScopeManager code (#15335) (overlookmotel)
  • a7cf856 ast/estree: Shorten raw transfer deserializer for AssignmentTargetPropertyIdentifier (#15303) (overlookmotel)
  • 90146ab linter/react: Simplify is_react_hook (#15310) (overlookmotel)
  • 778b0b6 language_server: Remove ServerLinterDiagnostics (#15169) (Sysix)
  • 10732e8 language_server: Backend checks the correct LintOptions::Run (#15166) (Sysix)
  • e70a37f language_server: Use LintRunner (#14472) (Sysix)
  • 5501ed2 language_server: Send in memory source text to tsgolint (#14733) (Sysix)
  • f452007 linter/no-unwanted-polyfillio: Add security warning for compromised domains (#15207) (shulaoda)
  • 27b4f36 diagnostic: Remove path from sender (#15130) (camc314)

📚 Documentation

  • a7d9f1d linter/plugins: Reformat and clarify ScopeManager JSDoc comments (#15333) (overlookmotel)
  • 69e61d4 linter/plugins: Update comment (#15293) (overlookmotel)

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.35.0] - 2025-12-22

🚀 Features

  • 9e624c9 linter/react: Add version to ReactPluginSettings (#17169) (camc314)

[1.34.0] - 2025-12-19

🚀 Features

  • a0f74a0 linter/config: Allow aliasing plugin names to allow names the same as builtin plugins (#15569) (Cameron)

🐛 Bug Fixes

  • 005ec25 linter: Permit $schema .oxlintrc.json struct (#17060) (Copilot)
  • d446c43 linter: Prevent extra fields from being present on oxlint config file (#16874) (connorshea)

[1.30.0] - 2025-11-24

🚀 Features

  • 595867a oxlint: Generate markdownDescription fields for oxlint JSON schema. (#15959) (connorshea)

[1.29.0] - 2025-11-17

🚀 Features

  • 84de1ca oxlint,oxfmt: Allow comments and also commas for vscode-json-ls (#15612) (leaysgur)

[1.26.0] - 2025-11-05

🚀 Features

  • 26f24d5 linter: Permit comments in .oxlintrc.json via json schema file (#15249) (Martin Leduc)

🐛 Bug Fixes

  • d6996d0 linter: Fix JSON schema to deny additional properties for categories enum. (#15257) (Connor Shea)
  • 9304f9f linter: Fix JSON schema to deny additional properties for plugins enum. (#15259) (Connor Shea)

📚 Documentation

  • 84ef5ab linter: Avoid linebreaks for markdown links and update plugins docs in the configuration schema. (#15246) (Connor Shea)

[1.25.0] - 2025-10-30

🚀 Features

  • bd74603 linter: Add support for vitest/valid-title rule (#12085) (Tyler Earls)

... (truncated)

Commits
  • 1307b7b release(apps): oxlint v1.35.0 && oxfmt v0.20.0 (#17260)
  • 98c9337 refactor(linter): Improvements for react version setting. (#17195)
  • 9e624c9 feat(linter/react): add version to ReactPluginSettings (#17169)
  • a96d0d5 chore(oxlint): bump min tsgolint pkg version to 0.10.0 (#17146)
  • 86298e8 chore(deps): update dependency oxfmt to ^0.19.0 (#16602)
  • 2804276 release(apps): oxlint v1.34.0 && oxfmt v0.19.0 (#17097)
  • 1cc4253 chore(oxlint): bump min tsgolint pkg version to 0.9.2 (#17083)
  • 005ec25 fix(linter): permit $schema .oxlintrc.json struct (#17060)
  • a0f74a0 feat(linter/config): allow aliasing plugin names to allow names the same as b...
  • d446c43 fix(linter): Prevent extra fields from being present on oxlint config file (#...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for oxlint since your current version.


Updates vitest from 4.0.14 to 4.0.16

Release notes

Sourced from vitest's releases.

v4.0.16

   🐞 Bug Fixes

    View changes on GitHub

v4.0.15

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • b46d744 chore: release v4.0.16
  • 84a3062 fix(browser): string formatting bug when including placeholders in console.lo...
  • f7f6aa8 fix: log deprecated test.poolOptions if it's set (#9226)
  • 568513c fix: allow inlining fully dynamic import (#9137)
  • 5d26b87 fix(experimental): export setupEnvironment for custom pools (#9187)
  • f17eb42 refactor: avoid using isFileServingAllowed from Vite (#9160)
  • 78cfbf9 fix: avoid crashing on process.versions stub (#9174)
  • da0ade2 fix: fix browser mode default testTimeout back to 15 seconds (#9167)
  • eb1abf0 chore: release v4.0.15
  • a68f74e feat(cache): add opt-out on a plugin level, fix internal root cache (#9154)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all-dependencies group across 1 directory with …
0a9d18d 
…6 updates

Bumps the all-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [commander](https://github.com/tj/commander.js) | `12.1.0` | `14.0.2` |
| [ora](https://github.com/sindresorhus/ora) | `8.2.0` | `9.0.0` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `1.9.4` | `2.3.10` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.18.13` | `25.0.3` |
| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `0.16.12` | `1.35.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.14` | `4.0.16` |



Updates `commander` from 12.1.0 to 14.0.2
- [Release notes](https://github.com/tj/commander.js/releases)
- [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md)
- [Commits](tj/commander.js@v12.1.0...v14.0.2)

Updates `ora` from 8.2.0 to 9.0.0
- [Release notes](https://github.com/sindresorhus/ora/releases)
- [Commits](sindresorhus/ora@v8.2.0...v9.0.0)

Updates `@biomejs/biome` from 1.9.4 to 2.3.10
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.3.10/packages/@biomejs/biome)

Updates `@types/node` from 22.18.13 to 25.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `oxlint` from 0.16.12 to 1.35.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.35.0/npm/oxlint)

Updates `vitest` from 4.0.14 to 4.0.16
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.16/packages/vitest)

---
updated-dependencies:
- dependency-name: commander
  dependency-version: 14.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: ora
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: "@biomejs/biome"
  dependency-version: 2.3.10
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: oxlint
  dependency-version: 1.35.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: vitest
  dependency-version: 4.0.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 27, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 27, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 27, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/all-dependencies-b35080aadf branch December 27, 2025 19:40
@stephendolan
Copy link
Owner

stephendolan commented Dec 27, 2025

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 27, 2025

Looks like this PR is closed. If you re-open it, I'll rebase it, as long as no-one else has edited it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stephendolan