Skip to content

deps(deps-dev): bump the development-dependencies group across 1 directory with 9 updates#15

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/development-dependencies-38dcc6d786
Closed

deps(deps-dev): bump the development-dependencies group across 1 directory with 9 updates#15
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/development-dependencies-38dcc6d786

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Dec 1, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the development-dependencies group with 9 updates in the / directory:

Package From To
@types/express 5.0.3 5.0.5
@types/node 24.8.1 24.10.1
@vitest/browser 3.2.4 4.0.14
@vitest/coverage-v8 3.2.4 4.0.14
esbuild 0.25.11 0.27.0
happy-dom 20.0.7 20.0.11
nodemon 3.1.10 3.1.11
prettier 3.6.2 3.7.3
vitest 3.2.4 4.0.14

Updates @types/express from 5.0.3 to 5.0.5

Commits

Updates @types/node from 24.8.1 to 24.10.1

Commits

Updates @vitest/browser from 3.2.4 to 4.0.14

Release notes

Sourced from @​vitest/browser's releases.

v4.0.14

   🚀 Experimental Features

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.13

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.12

   🐞 Bug Fixes

... (truncated)

Commits
  • 9ca74cf chore: release v4.0.14
  • 2cc34e0 feat(browser): expose utils.configurePrettyDOM (#9103)
  • c37c2eb feat(ui): add tabbed failure view for toMatchScreenshot with comparison sli...
  • 229b5b3 chore: move check allow out of forEach (#9086)
  • f5b7237 fix(browser): unsubscribe onCancel on rpc destroy (#9088)
  • 73b54ce chore: release v4.0.13
  • 5aa84d5 chore: release v4.0.12
  • c3befb0 chore: release v4.0.11
  • 7729236 feat(api): add extensible test artifact API (#8987)
  • d6d3359 feat(experimental): support OpenTelemetry traces (#8994)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitest/browser since your current version.


Updates @vitest/coverage-v8 from 3.2.4 to 4.0.14

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.0.14

   🚀 Experimental Features

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.13

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.12

   🐞 Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitest/coverage-v8 since your current version.


Updates esbuild from 0.25.11 to 0.27.0

Release notes

Sourced from esbuild's releases.

v0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

  • Use Uint8Array.fromBase64 if available (#4286)

    With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

  • Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

    This raises the operating system requirements for running esbuild:

    • Linux: now requires a kernel version of 3.2 or later
    • macOS: now requires macOS 12 (Monterey) or later

v0.26.0

  • Enable trusted publishing (#4281)

    GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

    Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

v0.25.12

  • Fix a minification regression with CSS media queries (#4315)

    The previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for @media <media-type> and <media-condition-without-or> { ... } was missing an equality check for the <media-condition-without-or> part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.

  • Update the list of known JavaScript globals (#4310)

    This release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global Array property is considered to be side-effect free but accessing the global scrollY property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:

    From ES2017:

    • Atomics
    • SharedArrayBuffer

    From ES2020:

    • BigInt64Array
    • BigUint64Array

    From ES2021:

    • FinalizationRegistry
    • WeakRef

    From ES2025:

    • Float16Array
    • Iterator

    Note that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from Iterator:

    // This can now be tree-shaken by esbuild:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

  • Use Uint8Array.fromBase64 if available (#4286)

    With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

  • Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

    This raises the operating system requirements for running esbuild:

    • Linux: now requires a kernel version of 3.2 or later
    • macOS: now requires macOS 12 (Monterey) or later

0.26.0

  • Enable trusted publishing (#4281)

    GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

    Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

0.25.12

  • Fix a minification regression with CSS media queries (#4315)

    The previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for @media <media-type> and <media-condition-without-or> { ... } was missing an equality check for the <media-condition-without-or> part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.

  • Update the list of known JavaScript globals (#4310)

    This release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global Array property is considered to be side-effect free but accessing the global scrollY property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:

    From ES2017:

    • Atomics
    • SharedArrayBuffer

    From ES2020:

    • BigInt64Array
    • BigUint64Array

    From ES2021:

    • FinalizationRegistry
    • WeakRef

    From ES2025:

    • Float16Array
    • Iterator

    Note that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from Iterator:

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.


Updates happy-dom from 20.0.7 to 20.0.11

Release notes

Sourced from happy-dom's releases.

v20.0.11

👷‍♂️ Patch fixes

  • Always include manually set authorization headers in requests - By @​capricorn86 in task #1048'
    • Authorization headers should only be omitted when automatically set by page context

v20.0.10

👷‍♂️ Patch fixes

  • Clears event listeners on all nodes when a Window is closed to prevent memory leaks - By @​TrevorBurnham in task #1892

v20.0.9

👷‍♂️ Patch fixes

  • Elements should only be upgraded to a custom element (web component) when the element is in the document - By @​capricorn86 in task #1945
    • This will also improve the memory footprint as the listeners prevented nodes from being garbage collected until the document was closed

v20.0.8

👷‍♂️ Patch fixes

  • Fixes issue where previousSibling() and nextSibling() didn't work in HTMLSelectElement and HTMLFormElement - By @​capricorn86 in task #1939
  • Fixes issue where parsing an item without a permitted parent (e.g. <tr>) should be valid inside a \<template> element - By @​capricorn86 in task #1939
Commits
  • b435ce7 fix: #1048 Always include manually set authorization headers in requests (#...
  • f68210e chore: #0 Removes previous sponsors (#1958)
  • 2cc0443 fix: #1892 Clears event listeners on all Nodes when a window to prevent mem...
  • 70dde49 fix: #1945 Elements should only be upgraded to a custom element when the el...
  • 6070199 fix: #1939 Fixes issue where HTMLSelectElement previousSibling and nextSibl...
  • See full diff in compare view

Updates nodemon from 3.1.10 to 3.1.11

Release notes

Sourced from nodemon's releases.

v3.1.11

3.1.11 (2025-11-11)

Bug Fixes

Commits

Updates prettier from 3.6.2 to 3.7.3

Release notes

Sourced from prettier's releases.

3.7.3

What's Changed

🔗 Changelog

3.7.2

What's Changed

🔗 Changelog

3.7.1

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.7.3

diff

API: Fix prettier.getFileInfo() change that breaks VSCode extension (#18375 by @​fisker)

An internal refactor accidentally broke the VSCode extension plugin loading.

3.7.2

diff

JavaScript: Fix string print when switching quotes (#18351 by @​fisker)

// Input
console.log("A descriptor\\'s .kind must be \"method\" or \"field\".")
// Prettier 3.7.1
console.log('A descriptor\'s .kind must be "method" or "field".');
// Prettier 3.7.2
console.log('A descriptor\'s .kind must be "method" or "field".');

JavaScript: Preserve quote for embedded HTML attribute values (#18352 by @​kovsu)

// Input
const html = /* HTML */ ` <div class="${styles.banner}"></div> `;
// Prettier 3.7.1
const html = /* HTML */ &lt;div class=${styles.banner}&gt;&lt;/div&gt;;
// Prettier 3.7.2
const html = /* HTML */ &lt;div class=&quot;${styles.banner}&quot;&gt;&lt;/div&gt;;

TypeScript: Fix comment in empty type literal (#18364 by @​fisker)

// Input
export type XXX = {
  // tbd
};
// Prettier 3.7.1
</tr></table>

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.


Updates vitest from 3.2.4 to 4.0.14

Release notes

Sourced from vitest's releases.

v4.0.14

   🚀 Experimental Features

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.13

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v4.0.12

   🐞 Bug Fixes

... (truncated)

Commits
  • 9ca74cf chore: release v4.0.14
  • 821aa20 feat(runner): Add full names to tasks (#9087)
  • 1256b5c fix: rename collect to import, remove prepare (#9091)
  • 3326cc9 fix: collect the duration of external imports (#9097)
  • 379185b fix(pool): init VITEST_POOL_ID + VITEST_WORKER_ID before environment setu...
  • 2c468ee fix(jsdom): reuse abort signals if possible (#9090)
  • e1b2e08 fix: externalize before caching (#9077)
  • acc5152 perf: replace debug with obug (#9057)
  • 73b54ce chore: release v4.0.13
  • b27e002 perf: avoid fetchModule roundtrip if the module is cached (#9075)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vitest since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(deps-dev): bump the development-dependencies group across 1 dire…
a446300 
…ctory with 9 updates

Bumps the development-dependencies group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express) | `5.0.3` | `5.0.5` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.8.1` | `24.10.1` |
| [@vitest/browser](https://github.com/vitest-dev/vitest/tree/HEAD/packages/browser) | `3.2.4` | `4.0.14` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `3.2.4` | `4.0.14` |
| [esbuild](https://github.com/evanw/esbuild) | `0.25.11` | `0.27.0` |
| [happy-dom](https://github.com/capricorn86/happy-dom) | `20.0.7` | `20.0.11` |
| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.11` |
| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.7.3` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.0.14` |



Updates `@types/express` from 5.0.3 to 5.0.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express)

Updates `@types/node` from 24.8.1 to 24.10.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vitest/browser` from 3.2.4 to 4.0.14
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/browser)

Updates `@vitest/coverage-v8` from 3.2.4 to 4.0.14
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/coverage-v8)

Updates `esbuild` from 0.25.11 to 0.27.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.25.11...v0.27.0)

Updates `happy-dom` from 20.0.7 to 20.0.11
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](capricorn86/happy-dom@v20.0.7...v20.0.11)

Updates `nodemon` from 3.1.10 to 3.1.11
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v3.1.10...v3.1.11)

Updates `prettier` from 3.6.2 to 3.7.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.6.2...3.7.3)

Updates `vitest` from 3.2.4 to 4.0.14
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/vitest)

---
updated-dependencies:
- dependency-name: "@types/express"
  dependency-version: 5.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: "@types/node"
  dependency-version: 24.10.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@vitest/browser"
  dependency-version: 4.0.14
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.0.14
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: esbuild
  dependency-version: 0.27.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: happy-dom
  dependency-version: 20.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: nodemon
  dependency-version: 3.1.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: prettier
  dependency-version: 3.7.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: vitest
  dependency-version: 4.0.14
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 1, 2025
@codecov-commenter

codecov-commenter commented Dec 1, 2025

Copy link
Copy Markdown

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.66%. Comparing base (0d6d9e4) to head (a446300).
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main      #15      +/-   ##
==========================================
+ Coverage   89.68%   90.66%   +0.97%     
==========================================
  Files          31       28       -3     
  Lines        3491     1906    -1585     
  Branches      622      540      -82     
==========================================
- Hits         3131     1728    -1403     
+ Misses        360      177     -183     
- Partials        0        1       +1
Flag Coverage Δ
unittests 90.66% <ø> (+0.97%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@dependabot @github

dependabot Bot commented on behalf of github Dec 8, 2025

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Dec 8, 2025
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/development-dependencies-38dcc6d786 branch December 8, 2025 05:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@fcapolini fcapolini

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@codecov-commenter @fcapolini