Skip to content

fix(deps): bump the minorandpatch group across 1 directory with 5 updates#186

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/master/minorandpatch-42507ea8f9
Closed

fix(deps): bump the minorandpatch group across 1 directory with 5 updates#186
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/master/minorandpatch-42507ea8f9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the minorandpatch group with 5 updates in the / directory:

Package From To
@swc/core 1.15.17 1.15.18
@types/node 25.3.2 25.3.5
lint-staged 16.2.7 16.3.2
nx 22.5.3 22.5.4
jose 6.1.3 6.2.0

Updates @swc/core from 1.15.17 to 1.15.18

Changelog

Sourced from @​swc/core's changelog.

[1.15.18] - 2026-03-01

Bug Fixes

  • (html/wasm) Publish @​swc/html-wasm for nodejs (#11601) (bd443f5)

Documentation

Features

Ci

Commits
  • 7cb1be2 chore: Publish 1.15.18 with swc_core v58.0.1
  • 2821ed0 chore: Publish 1.15.18-nightly-20260301.1 with swc_core v58.0.1
  • See full diff in compare view

Updates @types/node from 25.3.2 to 25.3.5

Commits

Updates lint-staged from 16.2.7 to 16.3.2

Release notes

Sourced from lint-staged's releases.

v16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

v16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

v16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.
Changelog

Sourced from lint-staged's changelog.

16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.
Commits
  • dfd6a7a chore(changeset): release
  • 2adaf6c fix(Windows): do not spawn tasks as detached since it opens a cmd window on ...
  • 60957ce docs: add CONTRIBUTING.md
  • 2a74cd2 chore(changeset): release
  • cd5d762 refactor: remove nano-spawn dependency completely
  • e342cab build(deps): move nano-spawn to dev
  • 9aa2cd7 chore(changeset): release
  • 0c387bc test: make long-running task longer because of GitHub Actions slowness
  • 87467aa refactor: detect incorrect brace expansion exhaustively
  • dceabc6 ci: run npm audit in GitHub Actions
  • Additional commits viewable in compare view

Updates nx from 22.5.3 to 22.5.4

Release notes

Sourced from nx's releases.

22.5.4 (2026-03-04)

🚀 Features

  • core: add .nx/polygraph to gitignore in migration and caia (#34659)

🩹 Fixes

  • angular-rspack: use relative path for postcss-cli-resources output (#34681, #34092)
  • core: support canonical SSH URLs when extracting GitHub user/repo slug during nx release (#31684, #31682)
  • core: update sourceRespository description of nx import (#34606)
  • core: update minimatch to 10.2.4 (#34660)
  • core: skip writing deps cache if already up-to-date (#34582)
  • core: resolve false positive loop detection when running with Bun (#34640, #0, #1, #2, #3, #4, #5, #6, #33997)
  • core: fall back to invoking PM in detection (#34691)
  • core: restore CNW user flow to match v22.1.3 (#34671)
  • gradle: tee batch runner output to stderr for terminal display (#34630)
  • maven: synchronize batch runner invoke() to prevent concurrent access (#34600)
  • misc: boost CLI command reference search ranking (#34625)
  • misc: fix broken nx.dev redirects and remove legacy redirect-rules files (#34673)
  • misc: use pathToFileURL for cross-platform path handling in postcss-cli-resources (#34676, #33052)
  • misc: exclude .netlify paths from Framer proxy edge function (1ce5e91f5e)
  • repo: reset package.json files after local release (#34648)
  • repo: remove redundant inputs override for build-base target (#34649)
  • vitest: respect reporters from target options in vitest executor (#34663, #34495)

❤️ Thank You

Commits
  • d303641 cleanup(core): remove stale tui snapshot (#34696)
  • b93bbde fix(core): fall back to invoking PM in detection (#34691)
  • d39a716 fix(core): resolve false positive loop detection when running with Bun (#34640)
  • 0e39831 fix(core): skip writing deps cache if already up-to-date (#34582)
  • 6d72530 cleanup(core): reduce misc allocations (#34647)
  • 8e1b32e docs(nx-dev): invert Framer proxy to default-proxy, keep only Next.js paths (...
  • 9f4a9fc fix(repo): remove redundant inputs override for build-base target (#34649)
  • 0ec097f feat(core): add .nx/polygraph to gitignore in migration and caia (#34659)
  • 138f2c6 fix(core): update sourceRespository description of nx import (#34606)
  • ad08925 fix(core): support canonical SSH URLs when extracting GitHub user/repo slug d...
  • See full diff in compare view

Updates jose from 6.1.3 to 6.2.0

Release notes

Sourced from jose's releases.

v6.2.0

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)
Changelog

Sourced from jose's changelog.

6.2.0 (2026-03-05)

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)
Commits
  • 970673e chore(release): 6.2.0
  • b13b446 feat: re-introduce JWE "zip" (Compression Algorithm) Header Parameter support
  • c2d1dd1 test: update deno expectations
  • edcaec9 chore(deps): bump actions/upload-artifact in the actions group
  • 037d212 chore(deps): bump minimatch
  • bf7669b chore(deps-dev): bump rollup from 4.56.0 to 4.59.0
  • bdd580e chore: reformat new docs
  • 0c06172 chore: update SECURITY.md
  • 56682b4 docs: clarify return of general jws and jwe
  • 8d7d59c chore: extend/clarify resource exhaustion threat model
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
fix(deps): bump the minorandpatch group across 1 directory with 5 upd…
46530f6 
…ates

Bumps the minorandpatch group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@swc/core](https://github.com/swc-project/swc/tree/HEAD/packages/core) | `1.15.17` | `1.15.18` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.2` | `25.3.5` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.2.7` | `16.3.2` |
| [nx](https://github.com/nrwl/nx/tree/HEAD/packages/nx) | `22.5.3` | `22.5.4` |
| [jose](https://github.com/panva/jose) | `6.1.3` | `6.2.0` |



Updates `@swc/core` from 1.15.17 to 1.15.18
- [Release notes](https://github.com/swc-project/swc/releases)
- [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/swc-project/swc/commits/v1.15.18/packages/core)

Updates `@types/node` from 25.3.2 to 25.3.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `lint-staged` from 16.2.7 to 16.3.2
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.2.7...v16.3.2)

Updates `nx` from 22.5.3 to 22.5.4
- [Release notes](https://github.com/nrwl/nx/releases)
- [Commits](https://github.com/nrwl/nx/commits/22.5.4/packages/nx)

Updates `jose` from 6.1.3 to 6.2.0
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v6.1.3...v6.2.0)

---
updated-dependencies:
- dependency-name: "@swc/core"
  dependency-version: 1.15.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minorandpatch
- dependency-name: "@types/node"
  dependency-version: 25.3.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minorandpatch
- dependency-name: lint-staged
  dependency-version: 16.3.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minorandpatch
- dependency-name: nx
  dependency-version: 22.5.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minorandpatch
- dependency-name: jose
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minorandpatch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 6, 2026
@dependabot @github

dependabot Bot commented on behalf of github Mar 13, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Mar 13, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/master/minorandpatch-42507ea8f9 branch March 13, 2026 01:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants