Skip to content

build(deps): bump the keeper-deps group across 1 directory with 7 updates#158

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/keeper/keeper-deps-80e0f6badc
Open

build(deps): bump the keeper-deps group across 1 directory with 7 updates#158
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/keeper/keeper-deps-80e0f6badc

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps the keeper-deps group with 7 updates in the /keeper directory:

Package From To
@stellar/stellar-sdk 14.6.1 15.0.1
dotenv 17.3.1 17.4.1
pino 8.21.0 10.3.1
babel-jest 29.7.0 30.3.0
eslint 8.57.1 10.2.0
jest 29.7.0 30.3.0
pino-pretty 10.3.1 13.1.3

Updates @stellar/stellar-sdk from 14.6.1 to 15.0.1

Release notes

Sourced from @​stellar/stellar-sdk's releases.

v15.0.1: Protocol 26

v15.0.1: Protocol 26

Breaking Changes

  • XDR has been upgraded to support Protocol 26, please refer to the @stellar/stellar-base release notes for details and other breaking changes.

Fixed

  • Sanitize identifiers and escape string literals in generated TypeScript bindings to prevent code injection via malicious contract spec names. sanitizeIdentifier now strips non-identifier characters, and a new escapeStringLiteral helper escapes quotes and newlines in string contexts (#1345).
  • AssembledTransaction.fromXDR() and fromJSON() now validate that the deserialized transaction targets the expected contract, rejecting mismatched contract IDs and non-invokeContract operations. (#1349).
  • Pin exact version on axios dependency (#1365)

Contributors

Full Changelog: stellar/js-stellar-sdk@v14.6.1...v15.0.1

Changelog

Sourced from @​stellar/stellar-sdk's changelog.

v15.0.1

Fixed

  • Pin axios to a specific version.

v15.0.0

Breaking Changes

  • XDR has been upgraded to support Protocol 26, please refer to the @stellar/stellar-base release notes for details and other breaking changes.

Fixed

  • Sanitize identifiers and escape string literals in generated TypeScript bindings to prevent code injection via malicious contract spec names. sanitizeIdentifier now strips non-identifier characters, and a new escapeStringLiteral helper escapes quotes and newlines in string contexts (#1345).
  • AssembledTransaction.fromXDR() and fromJSON() now validate that the deserialized transaction targets the expected contract, rejecting mismatched contract IDs and non-invokeContract operations. (#1349).
Commits

Updates dotenv from 17.3.1 to 17.4.1

Changelog

Sourced from dotenv's changelog.

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)
Commits

Updates pino from 8.21.0 to 10.3.1

Release notes

Sourced from pino's releases.

v10.3.1

What's Changed

Full Changelog: pinojs/pino@v10.3.0...v10.3.1

v10.3.0

What's Changed

Full Changelog: pinojs/pino@v10.2.1...v10.3.0

v10.2.1

What's Changed

Full Changelog: pinojs/pino@v10.2.0...v10.2.1

v10.2.0

What's Changed

New Contributors

Full Changelog: pinojs/pino@v10.1.1...v10.2.0

v10.1.1

What's Changed

... (truncated)

Commits
  • 6b34498 Bumped v10.3.1
  • f1203e6 fix(transport): sanitize invalid NODE_OPTIONS preloads for workers (#2391)
  • 6a8e598 docs: clarify transport level filtering behavior (#2390)
  • 49a4807 Merge branch 'main' of github.com:pinojs/pino
  • 960bbbb build(deps-dev): bump eslint-plugin-n from 17.23.1 to 17.23.2 (#2386)
  • e2a5b4a build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#2385)
  • 04859e2 chore: update gitignore for ai assistant files
  • d6adf03 Bumped v10.3.0
  • 06d55b1 feat: set worker thread name for transport identification (#2380)
  • a728702 fix: fix multistream().clone() return type (#2377)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for pino since your current version.


Updates babel-jest from 29.7.0 to 30.3.0

Release notes

Sourced from babel-jest's releases.

v30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)

30.2.0

Chore & Maintenance

  • [*] Update example repo for testing React Native projects (#15832)
  • [*] Update jest-watch-typeahead to v3 (#15830)

Features

  • [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

  • [babel-jest] Export the TransformerConfig interface (#15820)
  • [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

  • Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

  • [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

... (truncated)

Changelog

Sourced from babel-jest's changelog.

30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)

30.2.0

Chore & Maintenance

  • [*] Update example repo for testing React Native projects (#15832)
  • [*] Update jest-watch-typeahead to v3 (#15830)

Features

  • [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

  • [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
  • [babel-jest] Export the TransformerConfig interface (#15820)
  • [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

  • Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

... (truncated)

Commits

Updates eslint from 8.57.1 to 10.2.0

Release notes

Sourced from eslint's releases.

v10.2.0

Features

  • 586ec2f feat: Add meta.languages support to rules (#20571) (Copilot)
  • 14207de feat: add Temporal to no-obj-calls (#20675) (Pixel998)
  • bbb2c93 feat: add Temporal to ES2026 globals (#20672) (Pixel998)

Bug Fixes

  • 542cb3e fix: update first-party dependencies (#20714) (Francesco Trotta)

Documentation

  • a2af743 docs: add language to configuration objects (#20712) (Francesco Trotta)
  • 845f23f docs: Update README (GitHub Actions Bot)
  • 5fbcf59 docs: remove sourceType from ts playground link (#20477) (Tanuj Kanti)
  • 8702a47 docs: Update README (GitHub Actions Bot)
  • ddeaded docs: Update README (GitHub Actions Bot)
  • 2b44966 docs: add Major Releases section to Manage Releases (#20269) (Milos Djermanovic)
  • eab65c7 docs: update eslint versions in examples (#20664) (루밀LuMir)
  • 3e4a299 docs: update ESM Dependencies policies with note for own-usage packages (#20660) (Milos Djermanovic)

Chores

  • 8120e30 refactor: extract no unmodified loop condition (#20679) (kuldeep kumar)
  • 46e8469 chore: update dependency markdownlint-cli2 to ^0.22.0 (#20697) (renovate[bot])
  • 01ed3aa test: add unit tests for unicode utilities (#20622) (Manish chaudhary)
  • 811f493 ci: remove --legacy-peer-deps from types integration tests (#20667) (Milos Djermanovic)
  • 6b86fcf chore: update dependency npm-run-all2 to v8 (#20663) (renovate[bot])
  • 632c4f8 chore: add prettier update commit to .git-blame-ignore-revs (#20662) (루밀LuMir)
  • b0b0f21 chore: update dependency eslint-plugin-regexp to ^3.1.0 (#20659) (Milos Djermanovic)
  • 228a2dd chore: update dependency eslint-plugin-eslint-plugin to ^7.3.2 (#20661) (Milos Djermanovic)
  • 3ab4d7e test: Add tests for eslintrc-style keys (#20645) (kuldeep kumar)

v10.1.0

Features

  • ff4382b feat: apply fix for no-var in TSModuleBlock (#20638) (Tanuj Kanti)
  • 0916995 feat: Implement api support for bulk-suppressions (#20565) (Blake Sager)

Bug Fixes

  • 2b8824e fix: Prevent no-var autofix when a variable is used before declaration (#20464) (Amaresh S M)
  • e58b4bf fix: update eslint (#20597) (renovate[bot])

Documentation

  • b7b57fe docs: use correct JSDoc link in require-jsdoc.md (#20641) (mkemna-clb)
  • 58e4cfc docs: add deprecation notice partial (#20639) (Milos Djermanovic)
  • 7143dbf docs: update v9 migration guide for @eslint/js usage (#20540) (fnx)
  • 035fc4f docs: note that globalReturn applies only with sourceType: "script" (#20630) (Milos Djermanovic)
  • e972c88 docs: merge ESLint option descriptions into type definitions (#20608) (Francesco Trotta)
  • 7f10d84 docs: Update README (GitHub Actions Bot)
  • aeed007 docs: open playground link in new tab (#20602) (Tanuj Kanti)
  • a0d1a37 docs: Add AI Usage Policy (#20510) (Nicholas C. Zakas)

Chores

... (truncated)

Commits

Updates jest from 29.7.0 to 30.3.0

Release notes

Sourced from jest's releases.

v30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)

30.2.0

Chore & Maintenance

  • [*] Update example repo for testing React Native projects (#15832)
  • [*] Update jest-watch-typeahead to v3 (#15830)

Features

  • [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

  • [babel-jest] Export the TransformerConfig interface (#15820)
  • [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

  • Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

  • [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

... (truncated)

Changelog

Sourced from jest's changelog.

30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)

30.2.0

Chore & Maintenance

  • [*] Update example repo for testing React Native projects (#15832)
  • [*] Update jest-watch-typeahead to v3 (#15830)

Features

  • [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

  • [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
  • [babel-jest] Export the TransformerConfig interface (#15820)
  • [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

  • Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

... (truncated)

Commits

Updates pino-pretty from 10.3.1 to 13.1.3

Release notes

Sourced from pino-pretty's releases.

v13.1.3

What's Changed

New Contributors

Full Changelog: pinojs/pino-pretty@v13.1.2...v13.1.3

v13.1.2

What's Changed

New Contributors

Full Changelog: pinojs/pino-pretty@v13.1.1...v13.1.2

v13.1.1

What's Changed

Full Changelog: pinojs/pino-pretty@v13.1.0...v13.1.1

v13.1.0

What's Changed

... (truncated)

Commits
  • 08425cd v13.1.3
  • 6afb524 fix: messageFormat print 0 value (#635)
  • 70c73ea build(deps): bump fast-copy from 3.0.2 to 4.0.0 (#637)
  • 2cd9794 build(deps): bump actions/checkout from 5 to 6 (#636)
  • c06e276 Update format-time.js documentation to match functionality (#632)
  • 47ffb45 build(deps): bump pino-abstract-transport from 2.0.0 to 3.0.0 (#629)
  • 932af85 build(deps-dev): bump pino from 9.14.0 to 10.1.0 (#628)
  • 6d48318 build(deps-dev): bump borp from 0.20.2 to 0.21.0 (#627)
  • 3b89a0c build(deps): bump actions/setup-node from 4 to 6 (#626)
  • ab0ccab Add in the README file a snippet to use pino-pretty only for dev (#623)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the keeper-deps group across 1 directory with 7 upd…
cd1bfde 
…ates

Bumps the keeper-deps group with 7 updates in the /keeper directory:

| Package | From | To |
| --- | --- | --- |
| [@stellar/stellar-sdk](https://github.com/stellar/js-stellar-sdk) | `14.6.1` | `15.0.1` |
| [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.1` |
| [pino](https://github.com/pinojs/pino) | `8.21.0` | `10.3.1` |
| [babel-jest](https://github.com/jestjs/jest/tree/HEAD/packages/babel-jest) | `29.7.0` | `30.3.0` |
| [eslint](https://github.com/eslint/eslint) | `8.57.1` | `10.2.0` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.3.0` |
| [pino-pretty](https://github.com/pinojs/pino-pretty) | `10.3.1` | `13.1.3` |



Updates `@stellar/stellar-sdk` from 14.6.1 to 15.0.1
- [Release notes](https://github.com/stellar/js-stellar-sdk/releases)
- [Changelog](https://github.com/stellar/js-stellar-sdk/blob/master/CHANGELOG.md)
- [Commits](stellar/js-stellar-sdk@v14.6.1...v15.0.1)

Updates `dotenv` from 17.3.1 to 17.4.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v17.3.1...v17.4.1)

Updates `pino` from 8.21.0 to 10.3.1
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](pinojs/pino@v8.21.0...v10.3.1)

Updates `babel-jest` from 29.7.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/babel-jest)

Updates `eslint` from 8.57.1 to 10.2.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v8.57.1...v10.2.0)

Updates `jest` from 29.7.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest)

Updates `pino-pretty` from 10.3.1 to 13.1.3
- [Release notes](https://github.com/pinojs/pino-pretty/releases)
- [Commits](pinojs/pino-pretty@v10.3.1...v13.1.3)

---
updated-dependencies:
- dependency-name: "@stellar/stellar-sdk"
  dependency-version: 15.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: keeper-deps
- dependency-name: dotenv
  dependency-version: 17.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: keeper-deps
- dependency-name: pino
  dependency-version: 10.3.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: keeper-deps
- dependency-name: babel-jest
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: keeper-deps
- dependency-name: eslint
  dependency-version: 10.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: keeper-deps
- dependency-name: jest
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: keeper-deps
- dependency-name: pino-pretty
  dependency-version: 13.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: keeper-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 6, 2026

Labels

The following labels could not be found: backend, keeper. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 6, 2026
@github-actions github-actions bot added the size/xl Extra-large PR (≥ 1,000 lines) label Apr 6, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 6, 2026

⚠️ PR Too Large — Please Split

This PR touches 2965 lines (+1780 additions, -1185 deletions), which exceeds the project's 1,000-line limit.

Large PRs are hard to review, increase the risk of bugs slipping through,
and slow down the merge queue for everyone. Please break this into smaller,
focused PRs before requesting review.

Strategies for splitting a large PR

Strategy When to use
Separate by component Split contract/, keeper/, and frontend/ changes into their own PRs
Separate concerns Put refactors, new features, and bug fixes in different PRs
Stack PRs Open a base PR with shared scaffolding, then layer feature PRs on top of it
Docs separately Documentation-only changes can always be their own PR
Test-first Open a PR that only adds tests, then a second PR that makes them pass

Exception: If this change is genuinely atomic and cannot be meaningfully split,
please add a comment below explaining why. A maintainer can override this check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file size/xl Extra-large PR (≥ 1,000 lines)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants