Update Mend: high confidence minor and patch dependency updates #38
+2,830
−1,835
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bac6350 to
e1b47b1
Compare
41098d8 to
3c73492
Compare
ae44222 to
fe521b0
Compare
ffd2a21 to
81d04c6
Compare
5abc83b to
b59bb1a
Compare
37c9bdc to
71b86d0
Compare
1685751 to
36fa1bb
Compare
0a80df4 to
8f24124
Compare
e2dbec3 to
047c0ae
Compare
047c0ae to
6353e9c
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.19.3->1.20.04.3.16->4.3.201.7.5->1.8.13.3.4->3.3.51.4.7->1.4.92.8.17->2.8.194.17.21->4.17.234.19.5->4.19.6^0.12.0->^0.13.0~3.9.1->~3.10.01.9.9->1.9.101.4.11->1.4.132.3.4->2.3.5^0.10.6->^0.17.02.48.12->2.48.137.5.8->7.7.04.1.6->4.1.80.10.9->0.10.1113.12.0->13.15.26.18.1->6.21.06.18.1->6.21.01.20.2->1.20.34.4.1->4.5.05.65.17->5.65.191.4.6->1.4.73.37.1->3.45.07.0.3->7.0.613.13.1->13.17.08.57.0->8.57.17.1.0->7.2.02.29.1->2.32.06.13.1->6.15.05.7.2->5.8.04.19.2->4.21.2^0.12.3->^0.13.0^0.11.1->^0.15.0~3.9.0->~3.99.06.4.3->6.4.4~3.1.0->~3.2.0^0.3.1->^0.7.01.10.0->1.10.11.4.5-lts.1->1.4.5-lts.2^0.15.0->^0.17.06.6.3->6.6.71.4.2->1.27.57.6.3->7.7.26.37.3->6.37.7^0.8.4->^0.10.0~4.6.0->~4.9.0~4.8.4->~4.9.00.9.15->0.12.33.13.1->3.17.04.4.1->4.5.7Release Notes
CycloneDX/cyclonedx-node-npm (@cyclonedx/cyclonedx-npm)
v1.20.0Compare Source
npm@11(#1245 via #1249)This feature can be controlled via CLI switch
--gather-license-texts.This feature is experimental. This feature is disabled per default.
packageurl-js(via #1237)v5.7.3now, wasv5.5.3(via #1209, #1218, #1255)typescript-eslint/typescript-eslint (@typescript-eslint/eslint-plugin)
v6.21.0Compare Source
🚀 Features
export plugin metadata
allow
parserOptions.project: falseeslint-plugin: add rule prefer-find
🩹 Fixes
eslint-plugin: [no-unused-vars] don't report on types referenced in export assignment expression
eslint-plugin: [switch-exhaustiveness-check] better support for intersections, infinite types, non-union values
eslint-plugin: [consistent-type-imports] dont report on types used in export assignment expressions
eslint-plugin: [no-unnecessary-condition] handle left-hand optional with exactOptionalPropertyTypes option
eslint-plugin: [class-literal-property-style] allow getter when same key setter exists
eslint-plugin: [no-unnecessary-type-assertion] provide valid fixes for assertions with extra tokens before
askeyword❤️ Thank You
You can read about our versioning strategy and releases on our website.
v6.20.0Compare Source
🚀 Features
🩹 Fixes
eslint-plugin: [no-useless-template-literals] incorrect bigint autofix result
eslint-plugin: [prefer-nullish-coalescing] treat any/unknown as non-nullable
eslint-plugin: [no-useless-template-literals] report Infinity & NaN
eslint-plugin: [prefer-readonly] disable checking accessors
❤️ Thank You
You can read about our versioning strategy and releases on our website.
v6.19.1Compare Source
🩹 Fixes
type-utils: preventing isUnsafeAssignment infinite recursive calls
eslint-plugin: [no-unnecessary-condition] fix false positive for type variable
❤️ Thank You
You can read about our versioning strategy and releases on our website.
v6.19.0Compare Source
🚀 Features
eslint-plugin: [prefer-promise-reject-errors] add rule
eslint-plugin: [no-array-delete] add new rule
eslint-plugin: [no-useless-template-literals] add fix suggestions
🩹 Fixes
eslint-plugin: [no-unnecessary-type-assertion] detect unnecessary non-null-assertion on a call expression
eslint-plugin: [no-unnecesary-type-assertion] treat unknown/any as nullable
❤️ Thank You
You can read about our versioning strategy and releases on our website.
typescript-eslint/typescript-eslint (@typescript-eslint/parser)
v6.21.0Compare Source
🚀 Features
parserOptions.project: false❤️ Thank You
You can read about our versioning strategy and releases on our website.
v6.20.0Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
You can read about our versioning strategy and releases on our website.
v6.19.1Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
You can read about our versioning strategy and releases on our website.
v6.19.0Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
You can read about our versioning strategy and releases on our website.
expressjs/body-parser (body-parser)
v1.20.3Compare Source
===================
depthoption to customize the depth level in the parserdepthlevel for parsing URL-encoded data is now32(previously wasInfinity)chaijs/chai (chai)
v4.5.0Compare Source
1a36d35What's Changed
Full Changelog: chaijs/chai@v4.4.1...v4.5.0
codemirror/basic-setup (codemirror)
v5.65.19Compare Source
v5.65.18Compare Source
expressjs/cookie-parser (cookie-parser)
v1.4.7Compare Source
==========
hasOwnPropertyserializewithout options, useobj.hasOwnPropertywhen parsingmaintopackage.jsonfor rspackpartitionedoptionpriorityoptionexpiresoption to reject invalid dateszloirock/core-js (core-js)
v3.45.0Compare Source
Uint8Arrayto / from base64 and hex proposal:Uint8Array.fromBase64Uint8Array.fromHexUint8Array.prototype.setFromBase64Uint8Array.prototype.setFromHexUint8Array.prototype.toBase64Uint8Array.prototype.toHexes.namespace modules,/es/and/stable/namespaces entriesUint8ArrayfromBase64 / setFromBase64 does not throw an error on incorrect length of base64 stringMath.sumPreciseproposal:Math.sumPrecisees.namespace module,/es/and/stable/namespaces entriesIteratorsequencing proposal:Iterator.concat/actual/namespace entries, unconditional forced replacement changed to feature detectionMapupsert proposal:Map.prototype.getOrInsertMap.prototype.getOrInsertComputedWeakMap.prototype.getOrInsertWeakMap.prototype.getOrInsertComputed/actual/namespace entries, unconditional forced replacement changed to feature detectionIteratormethods/stage/entriesUint8Arrayto / from base64 and hex proposal features marked as supported from V8 ~ Chromium 140Uint8Array.{ fromBase64, prototype.setFromBase64 }marked as unsupported in Safari and supported only from Bun 1.2.20 because of a bug: it does not throw an error on incorrect length of base64 string%TypedArray%.prototype.withmarked as fixed in Safari 26.0v3.44.0Compare Source
Uint8Arrayto / from base64 and hex stage 3 proposal:Uint8Array.fromHexandUint8Array.prototype.{ setFromBase64, toBase64, toHex }, thanks @brc-ddGetinIterator.zipKeyed, following tc39/proposal-joint-iteration#43Iteratorsequencing stage 2.7 proposal:Iterator.concatno longer reusesIteratorResultobject of concatenated iterators, following [updates from May 2025 plenary tc39/proposal-iterator-sequencing#26](https://redirect.github.coConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.