chore(deps): lock file maintenance minor/patch updates#6253
chore(deps): lock file maintenance minor/patch updates#6253renovate[bot] merged 2 commits intomasterfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Thank you for your contribution! ❤️You can try out this pull request locally by installing Rollup via npm install rollup/rollup#renovate/minorpatch-updatesNotice: Ensure you have installed the latest nightly Rust toolchain. If you haven't installed it yet, please see https://www.rust-lang.org/tools/install to learn how to download Rustup and install Rust. or load it into the REPL: |
Performance report
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #6253 +/- ##
=======================================
Coverage 98.83% 98.83%
=======================================
Files 273 273
Lines 10700 10700
Branches 2854 2854
=======================================
Hits 10575 10575
Misses 82 82
Partials 43 43 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
|
This PR has been released as part of rollup@4.57.1. You can test it via |
This PR contains the following updates:
^3.2.2→^3.2.4^1.13.2→^1.13.31.13.4^17.0.0→^17.1.017.2.0^4.56.2→^4.56.10^3.8.0→^3.8.1^4.55.2→^4.56.04.57.0^8.53.1→^8.54.0^3.2.2→^3.2.4^0.13.1→^0.14.0v1.3.2→v1.3.3v2.66.7→v2.67.13v2.67.16(+2)🔧 This Pull Request updates lock files to use the latest dependency versions.
Release Notes
vuejs/language-tools (@vue/language-server)
v3.2.4Compare Source
language-core
ctx.configand support type annotation via generics (#5944) - Thanks to @KazariEX!workspace
axios/axios (axios)
v1.13.3Compare Source
Bug Fixes
Features
undefinedas a value in AxiosRequestConfig (#5560) (095033c)Reverts
Contributors to this release
streamich/memfs (memfs)
v4.56.10Compare Source
Full Changelog: streamich/memfs@v4.56.9...v4.56.10
typescript-eslint/typescript-eslint (typescript-eslint)
v8.54.0Compare Source
This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.
You can read about our versioning strategy and releases on our website.
drager/wasm-pack (wasm-pack)
v0.14.0Compare Source
✨ Features
Support arbitrary wasm targets (WASI support) - RReverser, pull/1524
Allows building for targets other than wasm32-unknown-unknown, enabling WASI and other custom wasm targets.
macOS ARM (aarch64-apple-darwin) build support - kaleidawave, pull/1529
Adds native Apple Silicon support in release builds and NPM package.
Allow
--split-linked-modulesflag for wasm-bindgen - codeart1st, pull/1443Custom build profile support - rafaelbeckel, pull/1428
Allows using custom cargo profiles via
--profile.🤕 Fixes
Fix NPM package download URL - qinyuhang, pull/1543
Filter build artifacts to only .wasm files - [drager], pull/1535
Handle undefined VERSION in installer script - BrianHung, pull/1512
Fix it_gets_wasm_bindgen_version test - mshroyer, pull/1509
🛠️ Maintenance
Update dependencies to latest versions - [drager], pull/1536
Security workflow permissions fixes - [drager]
Bump ring from 0.17.8 to 0.17.14 - dependabot, pull/1516
Bump brace-expansion from 1.1.11 to 1.1.12 in /npm - dependabot, pull/1515
Bump rustls from 0.23.16 to 0.23.18 - dependabot, pull/1451
Fix tar vulnerability (CVE-2026-23745) in npm package
Override tar dependency to ^7.5.3 to fix arbitrary file overwrite and symlink poisoning vulnerability (GHSA-8qq5-rm4j-mr97).
Fix axios vulnerabilities in npm package
Override axios dependency to ^0.30.0 to fix SSRF/credential leakage via absolute URL and XSRF-TOKEN leakage (CSRF) vulnerabilities.
📖 Documentation
Update documentation links to drager's repo - yutannihilation, pull/1513
Document prerequisites for webdriver tests - mshroyer, pull/1509
patrickedqvist/wait-for-vercel-preview (patrickedqvist/wait-for-vercel-preview)
v1.3.3Compare Source
Summary
This release adds the
vercel_protection_bypass_headerinput for bypassing Vercel deployment protection in automation workflows. It also includes several bug fixes and internal improvements.Highlights
vercel_protection_bypass_headerinput for Vercel protection bypass (#68)allow_inactiveinput now correctly handles the string"false"(#80)What's Changed
New Contributors
Full Changelog: patrickedqvist/wait-for-vercel-preview@v1.3.2...v1.3.3
taiki-e/install-action (taiki-e/install-action)
v2.67.13Compare Source
Initial release
Configuration
📅 Schedule: Branch creation - Between 06:00 PM and 11:59 PM, only on Thursday ( * 18-23 * * 4 ), Between 12:00 AM and 05:59 AM, only on Friday ( * 0-5 * * 5 ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.