Skip to content

fix(deps): update all dependencies #188

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update all dependencies #188

wants to merge 1 commit into from
+458 −541

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 20, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@chainsafe/libp2p-yamux ^7.0.1 -> ^8.0.0 age adoption passing confidence dependencies major
@libp2p/interface (source) ^2.6.1 -> ^3.0.0 age adoption passing confidence dependencies major
@typescript-eslint/eslint-plugin (source) 8.46.1 -> 8.46.2 age adoption passing confidence devDependencies patch
@typescript-eslint/parser (source) 8.46.1 -> 8.46.2 age adoption passing confidence devDependencies patch
esbuild 0.25.10 -> 0.25.11 age adoption passing confidence devDependencies patch
eslint (source) 9.37.0 -> 9.38.0 age adoption passing confidence devDependencies minor
github.com/evanw/esbuild v0.25.10 -> v0.25.11 age adoption passing confidence require patch
github.com/golangci/golangci-lint/v2 v2.5.0 -> v2.6.0 age adoption passing confidence require minor
github/codeql-action v4.30.8 -> v4.31.2 age adoption passing confidence action minor
lint-staged 16.2.4 -> 16.2.6 age adoption passing confidence devDependencies patch
mvdan.cc/gofumpt v0.9.1 -> v0.9.2 age adoption passing confidence require patch
vitest (source) ^3.0.7 -> ^4.0.0 age adoption passing confidence devDependencies major

Release Notes

ChainSafe/js-libp2p-yamux (@​chainsafe/libp2p-yamux)

v8.0.1

Compare Source

Bug Fixes
  • make sendReset synchronous to avoid unhandled rejections (#​113) (232fb1b)

v8.0.0

Compare Source

⚠ BREAKING CHANGES
Features
libp2p/js-libp2p (@​libp2p/interface)

v3.1.0

Compare Source

v3.0.2

Compare Source

v3.0.1

Compare Source

v3.0.0

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.46.2

Compare Source

🩹 Fixes
  • eslint-plugin: [prefer-optional-chain] skip optional chaining when it could change the result (#​11702)
❤️ Thank You
  • mdm317

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.46.2

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

evanw/esbuild (esbuild)

v0.25.11

Compare Source

  • Add support for with { type: 'bytes' } imports (#​4292)

    The import bytes proposal has reached stage 2.7 in the TC39 process, which means that although it isn't quite recommended for implementation, it's generally approved and ready for validation. Furthermore it has already been implemented by Deno and Webpack. So with this release, esbuild will also add support for this. It behaves exactly the same as esbuild's existing binary loader. Here's an example:

    import data from './image.png' with { type: 'bytes' }
const view = new DataView(data.buffer, 0, 24)
const width = view.getInt32(16)
const height = view.getInt32(20)
console.log('size:', width + '\xD7' + height)

  • Lower CSS media query range syntax (#​3748, #​4293)

    With this release, esbuild will now transform CSS media query range syntax into equivalent syntax using min-/max- prefixes for older browsers. For example, the following CSS:

    @&#8203;media (640px <= width <= 960px) {
  main {
    display: flex;
  }
}

    will be transformed like this with a target such as --target=chrome100 (or more specifically with --supported:media-range=false if desired):

    @&#8203;media (min-width: 640px) and (max-width: 960px) {
  main {
    display: flex;
  }
}
eslint/eslint (eslint)

v9.38.0

Compare Source

Features

  • ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
  • e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

  • 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
  • a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

  • 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
  • c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
  • b39e71a docs: Update README (GitHub Actions Bot)
  • cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

golangci/golangci-lint (github.com/golangci/golangci-lint/v2)

v2.6.0

Compare Source

  1. New linters
    • Add modernize analyzer suite
  2. Linters new features or changes
    • arangolint: from 0.2.0 to 0.3.1
    • dupword: from 0.1.6 to 0.1.7 (new option comments-only)
    • go-critic: from 0.13.0 to 0.14.0 (new rules/checkers: zeroByteRepeat, dupOption)
    • gofumpt: from 0.9.1 to 0.9.2 ("clothe" naked returns is now controlled by the extra-rules option)
    • perfsprint: from 0.9.1 to 0.10.0 (new options: concat-loop, loop-other-ops)
    • wsl: from 5.2.0 to 5.3.0
  3. Linters bug fixes
    • dupword: from 0.1.6 to 0.1.7
    • durationcheck: from 0.0.10 to 0.0.11
    • exptostd: from 0.4.4 to 0.4.5
    • fatcontext: from 0.8.1 to 0.9.0
    • forbidigo: from 2.1.0 to 2.3.0
    • ginkgolinter: from 0.21.0 to 0.21.2
    • godoc-lint: from 0.10.0 to 0.10.1
    • gomoddirectives: from 0.7.0 to 0.7.1
    • gosec: from 2.22.8 to 2.22.10
    • makezero: from 2.0.1 to 2.1.0
    • nilerr: from 0.1.1 to 0.1.2
    • paralleltest: from 1.0.14 to 1.0.15
    • protogetter: from 0.3.16 to 0.3.17
    • unparam: from 0df0534 to 5beb8c8
  4. Misc.
    • fix: ignore some files to hash the version for custom build
github/codeql-action (github/codeql-action)

v4.31.2

Compare Source

v4.31.1

Compare Source

v4.31.0

Compare Source

v4.30.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025
  • Update default CodeQL bundle version to 2.23.3. #​3205
  • Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #​3204

See the full CHANGELOG.md for more information.

lint-staged/lint-staged (lint-staged)

v16.2.6

Compare Source

Patch Changes

v16.2.5

Compare Source

Patch Changes
  • #​1687 9e02d9d Thanks @​iiroj! - Fix unhandled promise rejection when spawning tasks (instead of the tasks themselves failing). Previously when a task failed to spawn, lint-staged also failed and the backup stash might not have been automatically restored.
mvdan/gofumpt (mvdan.cc/gofumpt)

v0.9.2

Compare Source

This release moves the "clothe naked returns" rule under gofumpt -extra, following the discussion in #​285.

Binaries built on go version go1.25.3 linux/amd64 with:

CGO_ENABLED=0 go build -trimpath -ldflags="-w -s"

Consider becoming a sponsor if you benefit from the work that went into this release!

Note that this release no longer includes a sha256sums.txt asset; GitHub now provide digests natively.

vitest-dev/vitest (vitest)

v4.0.5

Compare Source

   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub

v4.0.4

Compare Source

   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub

v4.0.3

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v4.0.2

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v4.0.1

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v4.0.0

Compare Source

   🚨 Breaking Changes
   🚀 Features
   🐞 Bug Fixes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@socket-security
Copy link

socket-security bot commented Aug 20, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​@​typescript-eslint/​parser@​8.46.1 ⏵ 8.46.21001007196 -1100
Updatednpm/​esbuild@​0.25.10 ⏵ 0.25.11921007391100
Updatedgolang/​github.com/​golangci/​golangci-lint/​v2@​v2.5.0 ⏵ v2.6.074 +110010010070
Updatednpm/​vitest@​3.2.4 ⏵ 4.0.598 +11007999100
Updatednpm/​@​typescript-eslint/​eslint-plugin@​8.46.1 ⏵ 8.46.2991008096 -1100
Updatedgolang/​github.com/​evanw/​esbuild@​v0.25.10 ⏵ v0.25.1184 +1100100100100
Updatednpm/​@​chainsafe/​libp2p-yamux@​7.0.4 ⏵ 8.0.19810010089 +1100
Updatednpm/​@​libp2p/​interface@​2.11.0 ⏵ 3.1.0100 +110090100100
Updatednpm/​eslint@​9.37.0 ⏵ 9.38.097 +110010094100
Updatednpm/​lint-staged@​16.2.4 ⏵ 16.2.6100 +110010095 -1100
Updatedgolang/​mvdan.cc/​gofumpt@​v0.9.1 ⏵ v0.9.299 +1100100100100

View full report

@renovate renovate bot changed the title fix(deps): update dependency @libp2p/interface to v2.11.0 fix(deps): update all dependencies Aug 20, 2025
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from ae2f9d0 to f4729ce Compare August 26, 2025 22:38
@renovate renovate bot force-pushed the renovate/all branch 9 times, most recently from 2a584e8 to e1cc4f9 Compare September 7, 2025 18:00
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from 1417d8f to b67b277 Compare September 10, 2025 21:26
@renovate renovate bot changed the title fix(deps): update all dependencies fix(deps): update all dependencies - autoclosed Sep 16, 2025
@renovate renovate bot closed this Sep 16, 2025
@renovate renovate bot deleted the renovate/all branch September 16, 2025 09:12
@renovate renovate bot changed the title fix(deps): update all dependencies - autoclosed fix(deps): update all dependencies Sep 17, 2025
@renovate renovate bot reopened this Sep 17, 2025
@renovate renovate bot changed the title fix(deps): update all dependencies fix(deps): update all dependencies to v0.25.10 Sep 17, 2025
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 2237415 to 9c2a29e Compare October 14, 2025 06:01
@renovate renovate bot changed the title fix(deps): update all dependencies fix(deps): update all dependencies - autoclosed Oct 15, 2025
@renovate renovate bot closed this Oct 15, 2025
@renovate renovate bot changed the title fix(deps): update all dependencies - autoclosed fix(deps): update all dependencies Oct 15, 2025
@renovate renovate bot reopened this Oct 15, 2025
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from b93853f to ffc5fff Compare October 15, 2025 08:45
@renovate
Copy link
Contributor Author

renovate bot commented Oct 15, 2025

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: tools/go.sum
Command failed: go get -t ./...
go: module github.com/libp2p/[email protected] requires go >= 1.24.6; switching to go1.24.9
go: downloading go1.24.9 (linux/amd64)
go: download go1.24.9: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off

@renovate renovate bot force-pushed the renovate/all branch 7 times, most recently from 088a17e to 9b222e0 Compare October 24, 2025 02:56
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from c500da3 to f1d84cd Compare October 30, 2025 13:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant