Skip to content

build(deps): bump the minor-and-patch group with 9 updates#137

Merged
uhyo merged 1 commit into
masterfrom
dependabot/npm_and_yarn/minor-and-patch-de7671ff11
Jul 13, 2026
Merged

build(deps): bump the minor-and-patch group with 9 updates#137
uhyo merged 1 commit into
masterfrom
dependabot/npm_and_yarn/minor-and-patch-de7671ff11

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 9 updates:

Package From To
oxlint 1.72.0 1.73.0
prettier 3.9.4 3.9.5
turbo 2.10.3 2.10.4
wrangler 4.107.0 4.110.0
srvx 0.11.21 0.11.22
tsdown 0.22.3 0.22.5
vitest 4.1.9 4.1.10
@types/node 26.1.0 26.1.1
vite 8.1.3 8.1.4

Updates oxlint from 1.72.0 to 1.73.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

  • 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
  • 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
  • bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
  • 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
  • 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
  • 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
  • ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

  • 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
  • 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
  • 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
  • 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
  • a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
  • ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
  • 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
  • ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
  • e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
  • 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
  • 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
  • fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
  • ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
  • dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
  • 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
  • cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

  • 25d577e language_server: Start tools in parallel (#15500) (Sysix)
  • 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
  • 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
  • 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
  • 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
  • 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

  • 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
  • 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
  • a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
  • 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
  • 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
  • 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.73.0] - 2026-07-06

🚀 Features

  • a2c97f3 linter/unicorn: Implement explicit-timer-delay rule (#23612) (Mikhail Baev)
  • 85735cb linter/unicorn: Implement no-confusing-array-with rule (#23638) (Shekhu☺️)
  • cb4fbb9 linter/eslint: Implement no-unreachable-loop rule (#23975) (Todor Andonov)
  • dc32112 linter/eslint/no-constant-binary-expression: Check relational comparisons (#24088) (camc314)
  • d963967 linter/unicorn/no-array-sort: Add allowAfterSpread option (#24043) (Boshen)
  • 0a75682 linter: Add per-rule timings for type-aware linting (#22488) (camchenry)
  • 743e222 linter/react: Add disallowedValues option for forbid-dom-props rule (#23970) (Mikhail Baev)

🐛 Bug Fixes

  • bdb51c7 linter/jest/prefer-ending-with-an-expect: Validate config patterns (#24122) (camc314)
  • 45d607d linter/react/forbid-component-props: Make allow/disallow lists optional in schema (#24024) (Boshen)
Commits
  • 39677ba release(apps): oxlint v1.73.0 && oxfmt v0.58.0 (#24219)
  • a2c97f3 feat(linter/unicorn): implement explicit-timer-delay rule (#23612)
  • bdb51c7 fix(linter/jest/prefer-ending-with-an-expect): validate config patterns (#24122)
  • 85735cb feat(linter/unicorn): implement no-confusing-array-with rule (#23638)
  • cb4fbb9 feat(linter/eslint): implement no-unreachable-loop rule (#23975)
  • dc32112 feat(linter/eslint/no-constant-binary-expression): check relational compariso...
  • d963967 feat(linter/unicorn/no-array-sort): add allowAfterSpread option (#24043)
  • 45d607d fix(linter/react/forbid-component-props): make allow/disallow lists optional ...
  • 0a75682 feat(linter): add per-rule timings for type-aware linting (#22488)
  • 743e222 feat(linter/react): add disallowedValues option for forbid-dom-props rule...
  • See full diff in compare view

Updates prettier from 3.9.4 to 3.9.5

Release notes

Sourced from prettier's releases.

3.9.5

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.9.5

diff

Markdown: Cap ordered list mark at 999,999,999 (#19351 by @​tats-u)

CommonMark parsers only support ordered list item numbers up to 999,999,999.

With this change, Prettier now caps the ordered list item number at 999,999,999 to ensure that the output is correctly parsed as an ordered list by CommonMark parsers. Numbers larger than 999,999,999 are not parsed as list item numbers and are left unchanged in the output:

<!-- Input -->
999999998. text
999999998. text
999999998. text
999999998. text
1234567890123456789012) text
<!-- Prettier 3.9.4 -->
999999998. text
999999999. text
1000000000. text
1000000001. text
1234567890123456789012) text
<!-- Prettier 3.9.5 -->
999999998. text
999999999. text
999999999. text
999999999. text
1234567890123456789012) text

Markdown: Avoid corrupting empty link with title (#19487 by @​andersk)

Do not remove <> from an inline link or image with an empty URL and a title, as this removal would change its interpretation.

<!-- Input -->
[link](https://github.com/prettier/prettier/blob/main/<> "title")
<!-- Prettier 3.9.4 -->
[link](https://github.com/prettier/prettier/blob/main/ "title")
<!-- Prettier 3.9.5 -->
</tr></table>

... (truncated)

Commits

Updates turbo from 2.10.3 to 2.10.4

Release notes

Sourced from turbo's releases.

Turborepo v2.10.4

What's Changed

Changelog

... (truncated)

Commits
  • 1506a11 publish 2.10.4 to registry
  • 11a68c7 fix: Stop flagging relative imports that resolve into node_modules in boundar...
  • 947b478 fix: Raise the open-file soft limit at startup (#13282)
  • ddc584d feat: Make turbo prune Cargo-aware (#13281)
  • ff0d508 perf: Skip dependency-closure assembly for toolchains that derive nothing (#1...
  • 39d623e feat: Make turbo watch Cargo-aware (#13280)
  • af01fdf fix: Collapse nested package-manager fallback conditional (#13279)
  • 7e02f94 release(turborepo): 2.10.4-canary.2 (#13278)
  • 8e3a59f release(library): 0.0.1-canary.23 (#13276)
  • ce18f0a test: Add end-to-end coverage for Cargo workspaces (#13274)
  • Additional commits viewable in compare view

Updates wrangler from 4.107.0 to 4.110.0

Release notes

Sourced from wrangler's releases.

wrangler@4.110.0

Minor Changes

  • #14591 0283a1f Thanks @​dario-piotrowicz! - Send npm package dependency metadata with worker uploads

    Wrangler now collects npm package dependency information from the project's package.json at deploy and version upload time, and includes it in the upload metadata sent to the Cloudflare API. This enables dependency analytics and future features like vulnerability alerting.

    The collected data includes the package name, the version constraint from package.json, and the exact installed version from node_modules. Both dependencies and devDependencies are included, while workspace packages, local packages, and unresolvable packages are excluded. The list is capped at 200 entries per upload.

    To opt out, set dependencies_instrumentation.enabled to false in your Wrangler configuration file:

    {
      "dependencies_instrumentation": {
        "enabled": false
      }
    }
  • #14535 1b965c5 Thanks @​Naapperas! - Support dynamic retry delays for Workflow steps in local dev

    A step's retries.delay can now be a function that computes the delay per failed attempt, in addition to a static duration. The function receives { ctx, error } and returns a delay (a number of milliseconds or a duration string like "30 seconds"), and its result is fed into the configured backoff.

    await step.do(
      "call flaky API",
      {
        retries: {
          limit: 5,
          backoff: "constant",
          delay: ({ ctx }) => ctx.attempt * 1000,
        },
      },
      async () => {
        /* ... */
      }
    );

    The function is invoked once per failed attempt with a 5 second timeout. If it throws, times out, or returns an invalid value, the step fails without further retries.

Patch Changes

  • #14589 7b28392 Thanks @​jamesopstad! - Fix runtime type caching when wrangler dev auto-regenerates types

    When dev.generate_types (or wrangler dev --types) regenerated an out-of-date worker-configuration.d.ts, the written file omitted the // Begin runtime types marker (and the /* eslint-disable */ header) that wrangler types writes. As a result, later runs could not detect the cached runtime types and always regenerated them. The auto-regenerated file now matches wrangler types output, restoring the cache.

  • Updated dependencies [1b965c5]:

    • miniflare@4.20260708.1

... (truncated)

Commits
  • eced610 Version Packages (#14628)
  • 7b28392 Move runtime type generation to dedicated internal package (#14589)
  • 0283a1f [wrangler] Add dependency metadata to worker uploads (#14591)
  • 774c09e Version Packages (#14603)
  • 2fedb1f Support workflow terminate rollback (#14465)
  • c782e2a [wrangler] Restrict name-ownership guard to Pages-to-Workers delegation (#14616)
  • 17d2fc1 [wrangler] Add turnstile widget CLI commands (#14511)
  • 315c77c chore: use catalog for workerd dependency (#14607)
  • 9f74a5f Workflows: Improve scheduled Workflows free-plan deploy error (#14604)
  • 394b8ae Fix wrangler linting (failing because of deprecated detectAgenticEnvironment ...
  • Additional commits viewable in compare view

Updates srvx from 0.11.21 to 0.11.22

Release notes

Sourced from srvx's releases.

v0.11.22

compare changes

🚀 Enhancements

📝 Docs

❤️ Contributors

Changelog

Sourced from srvx's changelog.

v0.11.22

compare changes

🚀 Enhancements

  • Add mtls plugin (#213)
  • Add trustProxy option (#223)

🏡 Chore

✅ Tests

  • mtls: Wire tls-peer-cert tests into CI, add Bun-guard regression test (137abc7)

❤️ Contributors

Commits

Updates tsdown from 0.22.3 to 0.22.5

Release notes

Sourced from tsdown's releases.

v0.22.5

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v0.22.4

   🚀 Features

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub
Commits

Updates vitest from 4.1.9 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • See full diff in compare view

Updates @types/node from 26.1.0 to 26.1.1

Commits

Updates vite from 8.1.3 to 8.1.4

Release notes

Sourced from vite's releases.

v8.1.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.4 (2026-07-09)

Features

Bug Fixes

  • build: add workaround for building on stackblitz (#22840) (575c32c)
  • build: keep import.meta.url in preload function as-is (#22839) (f1f90ed)
  • deps: update all non-major dependencies (#22865) (d4295a9)
  • deps: update rolldown-related dependencies (#22866) (7cf07e4)
  • html: avoid backtracking in import-only check (#22848) (b5868c0)
  • optimizer: avoid optimizer run for transform request before init (#22852) (72a5e21)
  • ssr: align named export function call stacktrace column with Node (#22829) (173a1b6)
  • strip pure CSS chunk imports when chunkImportMap is enabled (#22841) (648bd04)

Documentation

Miscellaneous Chores

  • deps: update dependency postcss-modules to v9 (#22867) (a9539d6)

Code Refactoring

Tests

Build System

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.72.0` | `1.73.0` |
| [prettier](https://github.com/prettier/prettier) | `3.9.4` | `3.9.5` |
| [turbo](https://github.com/vercel/turborepo) | `2.10.3` | `2.10.4` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.107.0` | `4.110.0` |
| [srvx](https://github.com/h3js/srvx) | `0.11.21` | `0.11.22` |
| [tsdown](https://github.com/rolldown/tsdown) | `0.22.3` | `0.22.5` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.9` | `4.1.10` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `26.1.0` | `26.1.1` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.1.3` | `8.1.4` |


Updates `oxlint` from 1.72.0 to 1.73.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.73.0/npm/oxlint)

Updates `prettier` from 3.9.4 to 3.9.5
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.9.4...3.9.5)

Updates `turbo` from 2.10.3 to 2.10.4
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.10.3...v2.10.4)

Updates `wrangler` from 4.107.0 to 4.110.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.110.0/packages/wrangler)

Updates `srvx` from 0.11.21 to 0.11.22
- [Release notes](https://github.com/h3js/srvx/releases)
- [Changelog](https://github.com/h3js/srvx/blob/main/CHANGELOG.md)
- [Commits](h3js/srvx@v0.11.21...v0.11.22)

Updates `tsdown` from 0.22.3 to 0.22.5
- [Release notes](https://github.com/rolldown/tsdown/releases)
- [Commits](rolldown/tsdown@v0.22.3...v0.22.5)

Updates `vitest` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

Updates `@types/node` from 26.1.0 to 26.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `vite` from 8.1.3 to 8.1.4
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.4/packages/vite)

---
updated-dependencies:
- dependency-name: oxlint
  dependency-version: 1.73.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: prettier
  dependency-version: 3.9.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: turbo
  dependency-version: 2.10.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: wrangler
  dependency-version: 4.110.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: srvx
  dependency-version: 0.11.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: tsdown
  dependency-version: 0.22.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@types/node"
  dependency-version: 26.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vite
  dependency-version: 8.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 12, 2026
@uhyo uhyo merged commit 7ec42cf into master Jul 13, 2026
2 checks passed
@uhyo uhyo deleted the dependabot/npm_and_yarn/minor-and-patch-de7671ff11 branch July 13, 2026 05:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant