Skip to content

chore(deps-dev): bump the patch-updates group across 1 directory with 5 updates#18

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/patch-updates-1dc22c1787
Open

chore(deps-dev): bump the patch-updates group across 1 directory with 5 updates#18
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/patch-updates-1dc22c1787

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps the patch-updates group with 4 updates in the /frontend directory: @types/node, @vitest/coverage-v8, globals and happy-dom.

Updates @types/node from 25.1.0 to 25.5.2

Commits

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.3

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.3

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

    View changes on GitHub

v4.1.1

   🚀 Features

   🐞 Bug Fixes

... (truncated)

Commits

Updates globals from 17.2.0 to 17.4.0

Release notes

Sourced from globals's releases.

v17.4.0

  • Update globals (2026-03-01) (#338) d43a051

sindresorhus/globals@v17.3.0...v17.4.0

v17.3.0

  • Update globals (2026-02-01) (#336) 295fba9

sindresorhus/globals@v17.2.0...v17.3.0

Commits

Updates happy-dom from 20.4.0 to 20.8.9

Release notes

Sourced from happy-dom's releases.

v20.8.9

👷‍♂️ Patch fixes

  • Fixes issue where cookies from the current origin was being forwarded to the target origin in fetch requests - By @​capricorn86 in task #2117

v20.8.8

👷‍♂️ Patch fixes

  • Fixes issue where export names can be interpolated as executable code in ESM - By @​capricorn86 in task #2113
    • A security advisory (GHSA-6q6h-j7hj-3r64) has been reported that shows a security vulnerability where it may be possible to escape the VM context and get access to process level functionality in unsafe environments using CommonJS. Big thanks to @​tndud042713 for reporting this!

v20.8.7

👷‍♂️ Patch fixes

  • Replace implementing Node.js Console with common IConsole interface to support latest version of Bun - By @​YevheniiKotyrlo in task #1845

v20.8.6

👷‍♂️ Patch fixes

v20.8.5

👷‍♂️ Patch fixes

  • Fixes error thrown when modifying DOM structure in connectedCallback() - By @​capricorn86 in task #2110

v20.8.4

👷‍♂️ Patch fixes

v20.8.3

👷‍♂️ Patch fixes

  • Throw error if event is not of type Event in EventTarget.dispatchEvent() - By @​capricorn86 in task #2054

v20.8.2

👷‍♂️ Patch fixes

  • Resets Event.cancelBubble and Event.defaultPrevented when calling Event.initEvent() - By @​capricorn86 in task #2090

v20.8.1

👷‍♂️ Patch fixes

v20.8.0

🎨 Features

  • Adds support for setPointerCapture, hasPointerCapture, and releasePointerCapture to Element - By @​coffeeandwork in task #1733

v20.7.2

👷‍♂️ Patch fixes

  • Properly decode CSS escape sequences in attribute selector values - By @​silverwind

v20.7.1

👷‍♂️ Patch fixes

  • Fixes issue related to parsing direct descendants (>) and universal (*) query selectors - By @​Cherry in task #2078

... (truncated)

Commits
  • 68324c2 fix: #2117 Fixes issue related to cookies from the current origin being for...
  • 5437fdf fix: #2113 Fixes issue where export names can be interpolated as executable...
  • 7e97acb fix: #1845 Replace implementing Node js Console with common IConsole interf...
  • 3373929 fix: #2106 Request.formData() should honor Content-Type header (#2107)
  • 55c17ba fix: #2110 Fixes error thrown when modifying DOM structure in connectedCall...
  • 82a0888 fix: #1845 Replace ConsoleConstructor import with indexed access type (#2095)
  • 5998eea fix: #2054 Throw error if event is not of type Event in dispatchEvent (#2092)
  • 7a11238 fix: #2090 Resets cancelBubble and defaultPrevented when calling initEvent ...
  • 7d27984 fix: #1422 Make inert attribute block focus interactions (#2083)
  • 53e4ec9 feat: #1733 Adds support for setPointerCapture, hasPointerCapture, and rele...
  • Additional commits viewable in compare view

Updates vitest from 4.0.18 to 4.1.3

Release notes

Sourced from vitest's releases.

v4.1.3

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

    View changes on GitHub

v4.1.1

   🚀 Features

   🐞 Bug Fixes

... (truncated)

Commits
  • 2dc0d62 chore: release v4.1.3
  • 7827363 feat: add experimental.preParse flag (#10070)
  • 691d341 fix(snapshot): export custom snapshot matcher helper from vitest (#10042)
  • 59b0e64 feat(experimental/snapshot): support custom snapshot matcher (#9973)
  • 487990a feat(experimental): support browser.locators.exact option (#10013)
  • 146d4f0 fix: add @vitest/coverage-v8 and @vitest/coverage-istanbul as optional de...
  • 3f5bfa3 fix: advance fake timers with expect.poll interval (#10022)
  • 9dbf477 fix(vm): fix external module resolve error with deps optimizer query (#10024)
  • ec20455 fix(expect): don't leak "runner" types (#10004)
  • 66751c9 fix(expect): remove JestExtendError.context from verbose error reporting (#...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the patch-updates group across 1 directory with…
3fb1228 
… 5 updates

Bumps the patch-updates group with 4 updates in the /frontend directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8), [globals](https://github.com/sindresorhus/globals) and [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `@types/node` from 25.1.0 to 25.5.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.3/packages/coverage-v8)

Updates `globals` from 17.2.0 to 17.4.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.2.0...v17.4.0)

Updates `happy-dom` from 20.4.0 to 20.8.9
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](capricorn86/happy-dom@v20.4.0...v20.8.9)

Updates `vitest` from 4.0.18 to 4.1.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.3/packages/vitest)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.5.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-updates
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-updates
- dependency-name: globals
  dependency-version: 17.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-updates
- dependency-name: happy-dom
  dependency-version: 20.8.9
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-updates
- dependency-name: vitest
  dependency-version: 4.1.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Apr 8, 2026

Labels

The following labels could not be found: dependencies, javascript. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants