Skip to content

build(deps): bump the npm-all group across 1 directory with 19 updates#255

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-all-5b05598243
Open

build(deps): bump the npm-all group across 1 directory with 19 updates#255
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-all-5b05598243

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-all group with 19 updates in the / directory:

Package From To
axios 1.17.0 1.18.1
cheerio 1.0.0-rc.12 1.2.0
cors 2.8.5 2.8.6
dotenv 16.0.3 17.4.2
helmet 7.0.0 8.3.0
joi 17.13.4 18.2.3
js-yaml 5.1.0 5.2.1
pino 8.11.0 10.3.1
pino-http 8.3.3 11.0.0
redis 6.0.0 6.1.0
replicate 0.25.2 1.4.0
undici 6.27.0 8.7.0
@eslint/js 9.39.4 9.39.5
allure-commandline 2.37.0 2.43.0
allure-jest 3.10.1 3.10.2
eslint 9.39.4 9.39.5
jest-junit 16.0.0 17.0.0
supertest 6.3.4 7.2.2
typescript 6.0.3 7.0.2

Updates axios from 1.17.0 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates cheerio from 1.0.0-rc.12 to 1.2.0

Release notes

Sourced from cheerio's releases.

v1.2.0

What's Changed

New Contributors

Full Changelog: cheeriojs/cheerio@v1.1.2...v1.2.0

v1.1.2

What's Changed

Full Changelog: cheeriojs/cheerio@v1.1.1...v1.1.2

v1.1.1

  • Fix Undici issues (#4689) 91a2b3d7

cheeriojs/cheerio@v1.1.0...v1.1.1

v1.1.0

What's Changed

Doc Improvements

New Contributors

... (truncated)

Commits
  • e3c7aaf 1.2.0
  • 96bfd3e chore(package): Exclude tests from published bundle
  • 08d396c docs(readme): Update Sponsors (#5014)
  • bd9d3dd build(deps-dev): bump eslint-plugin-jsdoc from 62.3.0 to 62.3.1 (#5022)
  • f4c8a58 build(deps): bump unist-util-visit from 5.0.0 to 5.1.0 in /website (#5027)
  • 8fa46d5 build(deps): bump astro from 5.16.12 to 5.16.14 in /website (#5026)
  • 8e132a6 build(deps-dev): bump @​vitest/coverage-v8 from 4.0.17 to 4.0.18 (#5023)
  • 6d31bfc build(deps-dev): bump globals from 17.0.0 to 17.1.0 (#5025)
  • 65aa6c8 build(deps): bump @​docsearch/css from 4.5.0 to 4.5.3 in /website (#5020)
  • 5567e65 build(deps): bump astro from 5.16.11 to 5.16.12 in /website (#5021)
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates cors from 2.8.5 to 2.8.6

Release notes

Sourced from cors's releases.

v2.8.6

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from cors's changelog.

2.8.6 / 2026-01-22

  • Improve documentation (API, context, examples...)
  • Remove additional markdown files from tarball
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for cors since your current version.


Updates dotenv from 16.0.3 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

  • Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

  • Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

  • Add a new README section on dotenv’s approach to the agentic future.

Changed

  • Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

  • Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)
  • Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

  • Fixed typescript error definition (#912)

... (truncated)

Commits

Updates helmet from 7.0.0 to 8.3.0

Changelog

Sourced from helmet's changelog.

8.3.0 - 2026-07-11

Changed

  • Content-Security-Policy: improved performance by ~7% when there are no dynamic directives
  • Content-Security-Policy: improved error handling for invalid directive names

Fixed

  • Content-Security-Policy: useDefaults: false with no directives is no longer valid, both at runtime and the type level
  • Content-Security-Policy: dynamically-computed directive values would throw, not call next, when invalid
  • Content-Security-Policy: dynamically-computed directive value entries would throw, not call next, when function threw

8.2.0 - 2026-05-21

  • Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522
  • Improve error message when passing duplicate options

8.1.0 - 2025-03-17

Changed

  • Content-Security-Policy gives a better error when a directive value, like self, should be quoted. See #482

8.0.0 - 2024-09-28

Changed

  • Breaking: Strict-Transport-Security now has a max-age of 365 days, up from 180
  • Breaking: Content-Security-Policy middleware now throws an error if a directive should have quotes but does not, such as self instead of 'self'. See #454
  • Breaking: Content-Security-Policy's getDefaultDirectives now returns a deep copy. This only affects users who were mutating the result
  • Breaking: Strict-Transport-Security now throws an error when "includeSubDomains" option is misspelled. This was previously a warning

Removed

  • Breaking: Drop support for Node 16 and 17. Node 18+ is now required

7.2.0 - 2024-09-28

Changed

  • Content-Security-Policy middleware now warns if a directive should have quotes but does not, such as self instead of 'self'. This will be an error in future versions. See #454

7.1.0 - 2023-11-07

Added

  • helmet.crossOriginEmbedderPolicy now supports the unsafe-none directive. See #447
Commits
  • 75f1a98 8.3.0
  • f03f70d Update changelog for 8.3.0 release
  • a307fce Fix capitalization in CSP package changelog
  • 5347b43 Format default CSP in README for readability
  • 9afc570 CSP: fix middleware-specific README missing link
  • 266c95c Minor speedups to project setups test
  • 7a4196c CSP: update package-specific changelog
  • 02716b4 CSP: improve performance when there are no dynamic directives
  • 3f511ed CSP: move utility functions to separate file
  • 80338af CSP: disabling defaults with no directives is now an error
  • Additional commits viewable in compare view

Updates joi from 17.13.4 to 18.2.3

Commits
  • c86ddc0 18.2.3
  • 8077125 Merge pull request #3125 from hapijs/fix/json-schema-multiple-patterns
  • 223217a fix: expose multiple string patterns in json schemas
  • 85947a8 Merge pull request #3124 from hapijs/chore/object-proto
  • fe41c4f chore: deny prototype pollution in objects by restoring prototype
  • 87d3a62 18.2.2
  • 1c7d34e Merge pull request #3120 from hapijs/fix/json-schema-bugfixes
  • 515a8f0 test(json-schema): drop runtime validation from json-schema tests
  • 6574f75 fix(json-schema): register id'd child schemas in $defs
  • 770a2cf fix(json-schema): skip rule handlers with ref arguments
  • Additional commits viewable in compare view

Updates js-yaml from 5.1.0 to 5.2.1

Changelog

Sourced from js-yaml's changelog.

[5.2.1] - 2026-07-02

Fixed

  • Add Map support to !!omap (should work when realMapTag used)

Security

  • Remove quadratic complexity from !!omap addItem. Regression from v5 (usually not critical, because YAML11_SCHEMA is not default anymore).

4.3.0, 3.15.0 - 2026-06-27

Security

  • Backported maxTotalMergeKeys option.

[5.2.0] - 2026-06-26

Added

  • Added maxTotalMergeKeys (10000) loader option to limit the total number of keys processed by YAML merge (<<) across one load() / loadAll() call.
  • Added maxAliases (-1) loader option to limit the number of YAML aliases per document.

Removed

  • maxMergeSeqLength replaced with maxTotalMergeKeys for limiting YAML merge processing.

Fixed

  • Round-trip of integers with exponential form (>= 1e21)
Commits
  • ac16b42 5.2.1 released
  • 4a864e5 Deps bump
  • 39f3211 !!omap: add Map support and remove quadratic complexity
  • ff17f1e Changelog update
  • 8ed15f1 deps bump
  • 1a562dc Fix changelog link
  • c28ed5e 5.2.0 released
  • 125cd5a Add maxAliases option
  • 3105455 Replace maxMergeSeqLengthoption with maxTotalMergeKeys (more robust)
  • 39d00d6 numbers: Drop boxed numbers support, simplify .identify() checks, clarify rou...
  • Additional commits viewable in compare view

Updates pino from 8.11.0 to 10.3.1

Release notes

Sourced from pino's releases.

v10.3.1

What's Changed

Full Changelog: pinojs/pino@v10.3.0...v10.3.1

v10.3.0

What's Changed

Full Changelog: pinojs/pino@v10.2.1...v10.3.0

v10.2.1

What's Changed

Full Changelog: pinojs/pino@v10.2.0...v10.2.1

v10.2.0

What's Changed

New Contributors

Full Changelog: pinojs/pino@v10.1.1...v10.2.0

v10.1.1

What's Changed

... (truncated)

Commits
  • 6b34498 Bumped v10.3.1
  • f1203e6 fix(transport): sanitize invalid NODE_OPTIONS preloads for workers (#2391)
  • 6a8e598 docs: clarify transport level filtering behavior (#2390)
  • 49a4807 Merge branch 'main' of github.com:pinojs/pino
  • 960bbbb build(deps-dev): bump eslint-plugin-n from 17.23.1 to 17.23.2 (#2386)
  • e2a5b4a build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#2385)
  • 04859e2 chore: update gitignore for ai assistant files
  • d6adf03 Bumped v10.3.0
  • 06d55b1 feat: set worker thread name for transport identification (#2380)
  • a728702 fix: fix multistream().clone() return type (#2377)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for pino since your current version.


Updates pino-http from 8.3.3 to 11.0.0

Release notes

Sourced from pino-http's releases.

v11.0.0

What's Changed

Full Changelog: pinojs/pino-http@v10.5.0...v11.0.0

v10.5.0

What's Changed

Full Changelog: pinojs/pino-http@v10.4.0...v10.5.0

v10.4.0

What's Changed

New Contributors

Bumps the npm-all group with 19 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.17.0` | `1.18.1` |
| [cheerio](https://github.com/cheeriojs/cheerio) | `1.0.0-rc.12` | `1.2.0` |
| [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.0.3` | `17.4.2` |
| [helmet](https://github.com/helmetjs/helmet) | `7.0.0` | `8.3.0` |
| [joi](https://github.com/hapijs/joi) | `17.13.4` | `18.2.3` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `5.1.0` | `5.2.1` |
| [pino](https://github.com/pinojs/pino) | `8.11.0` | `10.3.1` |
| [pino-http](https://github.com/pinojs/pino-http) | `8.3.3` | `11.0.0` |
| [redis](https://github.com/redis/node-redis) | `6.0.0` | `6.1.0` |
| [replicate](https://github.com/replicate/replicate-javascript) | `0.25.2` | `1.4.0` |
| [undici](https://github.com/nodejs/undici) | `6.27.0` | `8.7.0` |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.4` | `9.39.5` |
| [allure-commandline](https://github.com/allure-framework/allure-npm) | `2.37.0` | `2.43.0` |
| [allure-jest](https://github.com/allure-framework/allure-js/tree/HEAD/packages/allure-jest) | `3.10.1` | `3.10.2` |
| [eslint](https://github.com/eslint/eslint) | `9.39.4` | `9.39.5` |
| [jest-junit](https://github.com/jest-community/jest-junit) | `16.0.0` | `17.0.0` |
| [supertest](https://github.com/ladjs/supertest) | `6.3.4` | `7.2.2` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.3` | `7.0.2` |



Updates `axios` from 1.17.0 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.17.0...v1.18.1)

Updates `cheerio` from 1.0.0-rc.12 to 1.2.0
- [Release notes](https://github.com/cheeriojs/cheerio/releases)
- [Commits](cheeriojs/cheerio@v1.0.0-rc.12...v1.2.0)

Updates `cors` from 2.8.5 to 2.8.6
- [Release notes](https://github.com/expressjs/cors/releases)
- [Changelog](https://github.com/expressjs/cors/blob/master/HISTORY.md)
- [Commits](expressjs/cors@v2.8.5...v2.8.6)

Updates `dotenv` from 16.0.3 to 17.4.2
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.0.3...v17.4.2)

Updates `helmet` from 7.0.0 to 8.3.0
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](helmetjs/helmet@v7.0.0...v8.3.0)

Updates `joi` from 17.13.4 to 18.2.3
- [Commits](hapijs/joi@v17.13.4...v18.2.3)

Updates `js-yaml` from 5.1.0 to 5.2.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@5.1.0...5.2.1)

Updates `pino` from 8.11.0 to 10.3.1
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](pinojs/pino@v8.11.0...v10.3.1)

Updates `pino-http` from 8.3.3 to 11.0.0
- [Release notes](https://github.com/pinojs/pino-http/releases)
- [Commits](pinojs/pino-http@v8.3.3...v11.0.0)

Updates `redis` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/node-redis/compare/redis@6.0.0...redis@6.1.0)

Updates `replicate` from 0.25.2 to 1.4.0
- [Release notes](https://github.com/replicate/replicate-javascript/releases)
- [Commits](replicate/replicate-javascript@v0.25.2...v1.4.0)

Updates `undici` from 6.27.0 to 8.7.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v6.27.0...v8.7.0)

Updates `@eslint/js` from 9.39.4 to 9.39.5
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.5/packages/js)

Updates `allure-commandline` from 2.37.0 to 2.43.0
- [Release notes](https://github.com/allure-framework/allure-npm/releases)
- [Commits](allure-framework/allure-npm@2.37.0...2.43.0)

Updates `allure-jest` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/allure-framework/allure-js/releases)
- [Commits](https://github.com/allure-framework/allure-js/commits/v3.10.2/packages/allure-jest)

Updates `eslint` from 9.39.4 to 9.39.5
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.4...v9.39.5)

Updates `jest-junit` from 16.0.0 to 17.0.0
- [Release notes](https://github.com/jest-community/jest-junit/releases)
- [Commits](jest-community/jest-junit@v16.0.0...v17.0.0)

Updates `supertest` from 6.3.4 to 7.2.2
- [Release notes](https://github.com/ladjs/supertest/releases)
- [Commits](forwardemail/supertest@v6.3.4...v7.2.2)

Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: cheerio
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: cors
  dependency-version: 2.8.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: dotenv
  dependency-version: 17.4.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: helmet
  dependency-version: 8.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: joi
  dependency-version: 18.2.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: js-yaml
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: pino
  dependency-version: 10.3.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: pino-http
  dependency-version: 11.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: redis
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: replicate
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: undici
  dependency-version: 8.7.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: "@eslint/js"
  dependency-version: 9.39.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: allure-commandline
  dependency-version: 2.43.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: allure-jest
  dependency-version: 3.10.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: eslint
  dependency-version: 9.39.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: jest-junit
  dependency-version: 17.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: supertest
  dependency-version: 7.2.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-all
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 14, 2026
@dependabot dependabot Bot requested a review from jsugg as a code owner July 14, 2026 14:36
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants